-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 3.0 (quilt) Source: apache2 Binary: apache2, apache2-data, apache2-bin, apache2-mpm-worker, apache2-mpm-prefork, apache2-mpm-event, apache2-mpm-itk, apache2.2-bin, apache2.2-common, libapache2-mod-proxy-html, libapache2-mod-macro, apache2-utils, apache2-suexec, apache2-suexec-pristine, apache2-suexec-custom, apache2-doc, apache2-dev, apache2-dbg Architecture: any all Version: 2.4.10-8 Maintainer: Debian Apache Maintainers <[email protected]> Uploaders: Stefan Fritsch <[email protected]>, Arno Töll <[email protected]> Homepage: http://httpd.apache.org/ Standards-Version: 3.9.6 Vcs-Browser: http://anonscm.debian.org/gitweb/?p=pkg-apache/apache2.git Vcs-Git: git://anonscm.debian.org/pkg-apache/apache2.git Build-Depends: debhelper (>= 8.9.7~), lsb-release, dpkg-dev (>= 1.16.1~), libaprutil1-dev (>= 1.5.0), libapr1-dev (>= 1.5.0), libpcre3-dev, zlib1g-dev, libssl-dev (>= 0.9.8m), perl, liblua5.1-0-dev, libxml2-dev, autotools-dev, gawk | awk Build-Conflicts: autoconf2.13 Package-List: apache2 deb httpd optional arch=any apache2-bin deb httpd optional arch=any apache2-data deb httpd optional arch=all apache2-dbg deb debug extra arch=any apache2-dev deb httpd optional arch=any apache2-doc deb doc optional arch=all apache2-mpm-event deb oldlibs extra arch=any apache2-mpm-itk deb oldlibs extra arch=any apache2-mpm-prefork deb oldlibs extra arch=any apache2-mpm-worker deb oldlibs extra arch=any apache2-suexec deb oldlibs extra arch=any apache2-suexec-custom deb httpd extra arch=any apache2-suexec-pristine deb httpd optional arch=any apache2-utils deb httpd optional arch=any apache2.2-bin deb oldlibs extra arch=any apache2.2-common deb oldlibs extra arch=any libapache2-mod-macro deb oldlibs extra arch=any libapache2-mod-proxy-html deb oldlibs extra arch=any Checksums-Sha1: 00f5c3f8274139bd6160eda2cf514fa9b74549e5 5031834 apache2_2.4.10.orig.tar.bz2 bed6f52f637c5fd46b1f74c977f8bfd759adf778 525612 apache2_2.4.10-8.debian.tar.xz Checksums-Sha256: 176c4dac1a745f07b7b91e7f4fd48f9c48049fa6f088efe758d61d9738669c6a 5031834 apache2_2.4.10.orig.tar.bz2 5209ccdcce16df738d41753c23a5e3a554dacf91453836db9ee829529cca18a7 525612 apache2_2.4.10-8.debian.tar.xz Files: 44543dff14a4ebc1e9e2d86780507156 5031834 apache2_2.4.10.orig.tar.bz2 e7b80265d53ab36bcdaa305fd074b1d2 525612 apache2_2.4.10-8.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBVGtX8caHXzVBzv3gAQivdw/+J0UXnC7u3BQMMppQJaqSOFTNrHujggwG boYH7kUlKzncFdFdPrRD+/jU/0GKzVGgxoY0nsZE5i7pfgMuD6DeuBhefXgTIyGK I6yD5aKIaqSxeM6W6ndTIrdoIl25z2X4GvMK3eip7cqZVpUAiL0KQtb+6wQU16Gd YtZ7Gwu9yOT1mGVBg5FR6wJ9Mh5PlJySfApv+sfhCjD1bkn5a8GpQZDcfezik76C TePB84FyCDu633f+whVGAV7H+7VnVbhAwA8UIyK2Pt9BJ28k0kXL0Qb5GQVH3fqb BhIn3IG97DizQb0bmJKUaXd5k7NmfmhPh6xOrQ6rjCY/ajVdgdtWspXXur/5D6Kj Wepgmy6IcJE+36iuFKq/oufEk260hO3TALJfULFY6qSo2+apIVp7QgP0/5vLkEDl OxqpMNsUPESufVluUWRRuImutlYSCD59vtUAEQAzeb10hq6fBjH7YAhISKChEM+3 MtrX+LILjK+y2yDNCzo8CB095J/5fM2Ok+riMRyEloRnaDRlDZHelKINjiWEsKrZ tZa7Gz1zdY2k5JV6Gp+dw8B9uYtCwROnzlNmB2vxlnGU8kcSLMxryVXUSnnHFnSK zbKhmUe5HnGsiqiBBMn2JypTP9LuYZX42YbhBcDMLBFrTza8HIFo1G1Ep9WZvWte ZW66+pDl8R0= =ypzU -----END PGP SIGNATURE----- Changes: apache2 (2.4.10-8) unstable; urgency=medium * Bump dpkg Pre-Depends to version that supports relative symlinks in dpkg-maintscript-helper's symlink_to_dir. Closes: #769821 * mod_proxy_fcgi: Fix potential denial of service by malicious fcgi script. (CVE-2014-3583). Fix similar bug in mod_authnz_fcgi even though it does not seem to be exploitable. * mpm_event: Fix use-after-free that may lead to a server crash. * mod_ssl: Fix memory leak on graceful restart. Closes: #754492 * mod_ssl: Avoid crashes during startup or graceful restart due to openssl using a callback to invalid memory. LP: #1366174 -- Stefan Fritsch <[email protected]> Tue, 18 Nov 2014 15:18:18 +0100
