atualizei: apache, apache-common e apache-utils jp(sem assinatura).
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > - > -------------------------------------------------------------------------- > Debian Security Advisory DSA 803-1 [EMAIL PROTECTED] > http://www.debian.org/security/ Martin Schulze > September 8th, 2005 http://www.debian.org/security/faq > - > -------------------------------------------------------------------------- > > Package : apache > Vulnerability : programming error > Problem type : remote > Debian-specific: no > CVE ID : CAN-2005-2088 > Debian Bug : 322607 > > A vulnerability has been discovered in the Apache web server. When it > is acting as an HTTP proxy, it allows remote attackers to poison the > web cache, bypass web application firewall protection, and conduct > cross-site scripting attacks, which causes Apache to incorrectly > handle and forward the body of the request. > > For the old stable distribution (woody) this problem has been fixed in > version 1.3.26-0woody7. > > For the stable distribution (sarge) this problem has been fixed in > version 1.3.33-6sarge1. > > For the unstable distribution (sid) this problem has been fixed in > version 1.3.33-8. > > We recommend that you upgrade your Apache package. > > > Upgrade Instructions > - -------------------- > > wget url > will fetch the file for you > dpkg -i file.deb > will install the referenced file. > > If you are using the apt-get package manager, use the line for > sources.list as given below: > > apt-get update > will update the internal database > apt-get upgrade > will install corrected packages > > You may use an automated update by adding the resources from the > footer to the proper configuration. > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.1 (GNU/Linux) > > iD8DBQFDH9OSW5ql+IAeqTIRAo8cAJ9wG0wUOQcSBszrarKnqWOs9IlwTACePEcf > cDGL/fke9UfFWxj7FBIzBwM= > =vhXI > -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
