This bug was fixed in the package apache2 - 2.2.11-7ubuntu1
---------------
apache2 (2.2.11-7ubuntu1) karmic; urgency=low
* Merge from debian unstable, remaining changes: LP: #398130
- debian/patches/203_fix-ssl-timeftm-ignored.dpatch:
Fix timefmt is ignored when XBitHack is on. (LP: #258914)
- debian/{control,rules}: enable PIE hardening.
- debian/{control, rules, apache2.2-common.ufw.profile}: add ufw profiles.
apache2 (2.2.11-7) unstable; urgency=low
* Security fixes:
- CVE-2009-1890: denial of service in mod_proxy
- CVE-2009-1891: denial of service in mod_deflate (closes: #534712)
* Add symlinks for the debug info to the mpm packages.
* Be slightly more informative in the default index.html without pointing
to Apache or Debian (LP: #89364)
* Remove dependency on net-tools, which is no longer necessary
(closes: #535849)
* Bump Standards-Version (no changes)
-- Bhavani Shankar <[email protected]> Sat, 11 Jul 2009 16:34:32
+0530
** Changed in: apache2 (Ubuntu)
Status: Won't Fix => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-1890
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-1891
--
Apache2 default site contains only the words "It works!"
https://bugs.launchpad.net/bugs/89364
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
