apache2 2.2.9-10+lenny6 source package in Debian
Changelog
apache2 (2.2.9-10+lenny6) stable-security; urgency=high
* Security:
- Reject any client-initiated SSL/TLS renegotiations. This is a partial fix
for the TLS renegotiation prefix injection attack (CVE-2009-3555).
Any configuration which requires renegotiation for per-directory/location
access control or uses "SSLVerifyClient optional" is still vulnerable.
-- Stefan Fritsch <email address hidden> Sat, 14 Nov 2009 21:10:47 +0100
Upload details
- Uploaded by:
- Debian Apache Maintainers
- Uploaded to:
- Lenny
- Original maintainer:
- Debian Apache Maintainers
- Architectures:
- any
- Section:
- web
- Urgency:
- Very Urgent
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| apache2_2.2.9-10+lenny6.dsc | 1.6 KiB | 58a6e907183d55e3e818a0dd5ec521f297326cc6ff2f254c31c19554e253001c |
| apache2_2.2.9.orig.tar.gz | 6.1 MiB | 74c92f9905a809fb18822f0d98e45712bb17495cefaf2b5315c2ce15840a04a2 |
| apache2_2.2.9-10+lenny6.diff.gz | 142.3 KiB | d2677b1c3ba4e977247fc0d98b10136841e796a9a823d37523429639c3bf1500 |
No changes file available.
