tag 642956 + confirmed squeeze thanks On Mon, 2011-09-26 at 18:31 +0200, Stefan Fritsch wrote: > On Monday 26 September 2011, Adam D. Barratt wrote: > > On Mon, 2011-09-26 at 00:34 +0200, Stefan Fritsch wrote: > > > Please review apache2/2.2.16-6+squeeze4 for inclusion in s-p-u. > > > It fixes a minor DoS issue, some bugs in the init script and > > > adds some docs. > > > > Thanks for this. A couple of queries: > > > * Fix CVE-2011-3348: Possible denial of service in > > > mod_proxy_ajp > > > > > > if combined with mod_proxy_balancer. > > > > As far as I can tell from the upload history and the security > > tracker, this is still unfixed in unstable - is that correct? > > Yes. It's included in upstream 2.2.21 which I will upload to unstable > shortly. So, the patch has already seen some use and is unlikely to > introduce regressions.
Please go ahead; thanks. Regards, Adam -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
