lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20050830073758.GA18153@piware.de>
Date: Tue, 30 Aug 2005 09:37:58 +0200
From: Martin Pitt <martin.pitt@...onical.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: [USN-173-3] Fixed apache2 packages for USN-173-2

===========================================================
Ubuntu Security Notice USN-173-3	    August 30, 2005
apache2 bug fix
https://bugzilla.ubuntu.com/show_bug.cgi?id=14209
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

apache2
apache2-mpm-perchild
apache2-mpm-prefork
apache2-mpm-threadpool
apache2-mpm-worker

The problem can be corrected by upgrading the affected package to
version 2.0.50-12ubuntu4.6.  In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

USN-173-2 fixed a vulnerability in Apache's regular expression parser.
However, the packages from that advisories had a bug that prevented
Apache from starting. This update fixes this.

We apologize for the inconvenience!

  Source archives:

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.50-12ubuntu4.5.diff.gz
      Size/MD5:    99882 ba75cdce6b8d9b676db0f3f3077d6cef
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.50-12ubuntu4.5.dsc
      Size/MD5:     1151 c7c07a7eec977385e707df1430fd8976
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.50-12ubuntu4.6.diff.gz
      Size/MD5:    99942 d3808b6a89224afbbb844b403bedeea1
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.50-12ubuntu4.6.dsc
      Size/MD5:     1151 05f6d44fa32835b96aac9ad1b3f61a53
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.50.orig.tar.gz
      Size/MD5:  6321209 9d0767f8a1344229569fcd8272156f8b

  Architecture independent packages:

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-doc_2.0.50-12ubuntu4.6_all.deb
      Size/MD5:  3178580 b9e4b27be0c87c6496b4bd1fba6a2206
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-prefork-dev_2.0.50-12ubuntu4.6_all.deb
      Size/MD5:   163980 dd0ffcd15f73528786472e9d7105170f
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-threaded-dev_2.0.50-12ubuntu4.6_all.deb
      Size/MD5:   164728 cb81b3ff102702047547f7483eb43599

  amd64 architecture (Athlon64, Opteron, EM64T Xeon)

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.50-12ubuntu4.6_amd64.deb
      Size/MD5:   864894 5c80221b63d06bd29d40809c1c6cda06
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.50-12ubuntu4.6_amd64.deb
      Size/MD5:   230608 3142f227e3b2aea23b13fa52af3d9ab8
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.50-12ubuntu4.6_amd64.deb
      Size/MD5:   225820 569b3ae00b21e377ce36956adda4438b
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-threadpool_2.0.50-12ubuntu4.6_amd64.deb
      Size/MD5:   229206 ef6c0a16e31dc9ade5d0ab2921dc8cb7
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.50-12ubuntu4.6_amd64.deb
      Size/MD5:   229792 2cf2124ce1e968859e6f8948e31ebd5d
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.50-12ubuntu4.6_amd64.deb
      Size/MD5:    30218 f0f6b693acf1c58bfa339c3c3609f470
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.50-12ubuntu4.6_amd64.deb
      Size/MD5:   275718 f0cdf8df63ac7b536286317c3a952ef9
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.50-12ubuntu4.6_amd64.deb
      Size/MD5:   133664 d99f9a42075861b9576ff30b8a492fd7

  i386 architecture (x86 compatible Intel/AMD)

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.50-12ubuntu4.6_i386.deb
      Size/MD5:   826316 2de9161ae1be77b309d8b36a59e39668
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.50-12ubuntu4.6_i386.deb
      Size/MD5:   209618 a03533480dee36fa8bccf4829ca7cbe4
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.50-12ubuntu4.6_i386.deb
      Size/MD5:   205824 135a731068362a3355a14f083b10debf
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-threadpool_2.0.50-12ubuntu4.6_i386.deb
      Size/MD5:   208470 f4c9e5097975cc5764f8132e8428e9c8
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.50-12ubuntu4.6_i386.deb
      Size/MD5:   208892 b2baecaff56787234c6ac23f7f1a6c91
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.50-12ubuntu4.6_i386.deb
      Size/MD5:    30216 e7d9586600d10c6b7402759cf804f56a
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.50-12ubuntu4.6_i386.deb
      Size/MD5:   253674 e8ff58d9d144cf66df8535868668e3d5
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.50-12ubuntu4.6_i386.deb
      Size/MD5:   124396 d2dc8f3aa69c032d36a253f460f968e3

  powerpc architecture (Apple Macintosh G3/G4/G5)

    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-common_2.0.50-12ubuntu4.6_powerpc.deb
      Size/MD5:   904116 877a379b0b9a7e9b30ca957d59b521d5
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-perchild_2.0.50-12ubuntu4.6_powerpc.deb
      Size/MD5:   223174 94733a13950b8003a2c4eed9eb8891a9
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-prefork_2.0.50-12ubuntu4.6_powerpc.deb
      Size/MD5:   218222 f0e634c364da387fb5ce25bbf5d4ee30
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-threadpool_2.0.50-12ubuntu4.6_powerpc.deb
      Size/MD5:   221360 98ab87591d0d3c056ee743d89ce021e4
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2-mpm-worker_2.0.50-12ubuntu4.6_powerpc.deb
      Size/MD5:   222028 dd83ac0f7d4357287a8de32ab8cd5f0f
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/apache2_2.0.50-12ubuntu4.6_powerpc.deb
      Size/MD5:    30222 27d671228a56cc3e30873ffbc019e371
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0-dev_2.0.50-12ubuntu4.6_powerpc.deb
      Size/MD5:   269472 96c902979c63e587c0c1d96d3cf9113f
    http://security.ubuntu.com/ubuntu/pool/main/a/apache2/libapr0_2.0.50-12ubuntu4.6_powerpc.deb
      Size/MD5:   131000 48382af5f24dec72a14d1c6261b6ffe5

Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ