-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sat, 06 Apr 2013 11:09:12 +0200 Source: modsecurity-apache Binary: libapache2-modsecurity libapache-mod-security Architecture: source amd64 all Version: 2.6.6-6 Distribution: unstable Urgency: high Maintainer: Alberto Gonzalez Iniesta <a...@inittab.org> Changed-By: Alberto Gonzalez Iniesta <a...@inittab.org> Description: libapache-mod-security - Dummy transitional package libapache2-modsecurity - Tighten web applications security for Apache Closes: 704625 Changes: modsecurity-apache (2.6.6-6) unstable; urgency=high . * Applied upstream patch to fix XXE attacks. CVE-2013-1915 Thanks Thomas Goirand for backporting the patch. (Closes: #704625) Adds new SecXmlExternalEntity option which by default (Off) disables the external entity load task executed by libxml2. Checksums-Sha1: 42c962dc35e7ab8d6d51420f2c3039d564b57e50 1352 modsecurity-apache_2.6.6-6.dsc 14a6b15da1ab45a7abac1ae2aa05a206f8110931 10483 modsecurity-apache_2.6.6-6.debian.tar.gz 848321a59e5610c9474b1f9ff46eb89c925241bd 303562 libapache2-modsecurity_2.6.6-6_amd64.deb 53e6bd53fbed99d0ca1c0ad07a9c8c189f95e244 18274 libapache-mod-security_2.6.6-6_all.deb Checksums-Sha256: a04c2c992aa1120cb4845c9d4dfadaa20cf3e147fef74e2686735382de652227 1352 modsecurity-apache_2.6.6-6.dsc 92085c49da450a40dd37bcb619ba17a2f1a79ae75a73b824c7c50d53a47f0371 10483 modsecurity-apache_2.6.6-6.debian.tar.gz 28ffc2201cf284572147a47e32c03c71a5d2b4fddd1a8924cfd865fcb58f96dc 303562 libapache2-modsecurity_2.6.6-6_amd64.deb 96dacadf7035ec4ca21514f3dad2a195095765703b32d78cfd68656cfc3df48d 18274 libapache-mod-security_2.6.6-6_all.deb Files: 63939d541b57a5726fc642f7b32d67ae 1352 httpd optional modsecurity-apache_2.6.6-6.dsc 44691d634ba2ac42642146c29e8573f0 10483 httpd optional modsecurity-apache_2.6.6-6.debian.tar.gz 8981a018a555e165306718da6a27b8d6 303562 httpd optional libapache2-modsecurity_2.6.6-6_amd64.deb 400fd267e4389712a816ad521bfd90e8 18274 oldlibs extra libapache-mod-security_2.6.6-6_all.deb
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlFi0RQACgkQxRSvjkukAcPB9QCgzR8v8SKpXx494XZTH2srMzmU 3fMAoJ7d9Pn2ox8WELsjylBOWBqe3eMn =69Oh -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-devel-changes-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/e1updbd-0007et...@franck.debian.org