Bug#540862: reassign

2009-08-11 Thread Michael S. Gilbert
reassign 540862 libxerces2-java thanks this appears to be a flaw in the xerces xml parser. see previous discussion and pdf.

Bug#540862: apache2: xml-based firewall bypass / port scanning vulnerability

2009-08-10 Thread Michael S Gilbert
package: apache2 version: 2.2.3-4+etch6 severity: important tags: security it has been disclosed that apache (and potentially other web servers) can be used to port scan behind a firewall. i don't think this issue is too severe, but a firewall bypass nevertheless is probably not a good thing.

Bug#535886: apache2: htaccess override

2009-07-05 Thread Michael S. Gilbert
package: apache2 severity: important version: 2.2.3-4+etch6 tags: security apache2 in etch is vulnerable to an override vulnerability in .htaccess [1]. [1] https://issues.apache.org/bugzilla/show_bug.cgi?id=44262

Bug#533661: slowloris denial-of-service vulnerability

2009-06-19 Thread Michael S Gilbert
package: apache2 version: 2.2.3-4+etch6 severity: important tags: security hello, this package is supposedly vulnerable to something called a slowloris denial-of-service attack. please check to see whether this is a correct assessment. see [1],[2] for more info. thanks. [1]