sdkp3-apache2Security update for Apache 2Security update for Apache 2This update of the Apache webserver fixes various security
issues:
- the option IncludesNOEXEC could be bypassed via .htaccess
(CVE-2009-1195)
- mod_proxy could run into an infinite loop when used as
reverse proxy (CVE-2009-1890)
- mod_deflate continued to compress large files even after
a network connection was closed, causing mod_deflate to
consume large amounts of CPU (CVE-2009-1891)
- The ap_proxy_ftp_handler function in
modules/proxy/proxy_ftp.c in the mod_proxy_ftp module
allows remote FTP servers to cause a denial of service
(NULL pointer dereference and child process crash) via a
malformed reply to an EPSV command. (CVE-2009-3094)
- access restriction bypass in mod_proxy_ftp module
(CVE-2009-3095)
Also a incompatibility between mod_cache and mod_rewrite
was fixed.
This update of the Apache webserver fixes various security
issues:
- the option IncludesNOEXEC could be bypassed via .htaccess
(CVE-2009-1195)
- mod_proxy could run into an infinite loop when used as
reverse proxy (CVE-2009-1890)
- mod_deflate continued to compress large files even after
a network connection was closed, causing mod_deflate to
consume large amounts of CPU (CVE-2009-1891)
- The ap_proxy_ftp_handler function in
modules/proxy/proxy_ftp.c in the mod_proxy_ftp module
allows remote FTP servers to cause a denial of service
(NULL pointer dereference and child process crash) via a
malformed reply to an EPSV command. (CVE-2009-3094)
- access restriction bypass in mod_proxy_ftp module
(CVE-2009-3095)
Also a incompatibility between mod_cache and mod_rewrite
was fixed.
securityapache2x86_642f84d9076f0e9e3179162dc7e7ddc7e5fac8b0ecapache2-develx86_6450872465f42493ddd68b83f50254d8dc4e872062apache2-docx86_648a927cd8d56f602976c82a731c2276008a88d497apache2-example-pagesx86_649bf244d55854d99fe80096f0d31ff343bbe56774apache2-preforkx86_64a47f62ecd2c332949d857a76e2ba8d27cfe8c14capache2-workerx86_64ba3a5c05ff28232e99ea8a62ac4e0478a8f61084