Debian Bug report logs -
#351246
apache2: [CVE-2005-3357] DoS (crash) with mod_ssl
Reported by: intrigeri <intrigeri@boum.org>
Date: Fri, 3 Feb 2006 14:18:50 UTC
Severity: important
Tags: sarge, security
Found in version apache2/2.0.54-5
Fixed in version 2.2.3-3
Done: Thijs Kinkhorst <thijs@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded to debian-bugs-dist@lists.debian.org, Intri Geri <intrigeri@boum.org>, Debian Apache Maintainers <debian-apache@lists.debian.org>:
Bug#351246; Package apache2.
(full text, mbox, link).
Acknowledgement sent to intrigeri <intrigeri@boum.org>:
New Bug report received and forwarded. Copy sent to Intri Geri <intrigeri@boum.org>, Debian Apache Maintainers <debian-apache@lists.debian.org>.
(full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: apache2
Tags: security, sarge
Version: 2.0.54-5
Severity: important
Upstream reports a DoS issue in Apache:
http://issues.apache.org/bugzilla/show_bug.cgi?id=37791
This has been fixed in sid's apache2 2.0.55-4, but seems to remain
in sarge.
Impact does not seem to be substantial (very specific configuration
required), therefore I'm setting the severity to "important".
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (300, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.11-20050709
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to fr_FR.UTF-8)
Versions of packages apache2 depends on:
ii apache2-mpm-worker 2.0.54-5 high speed threaded model for Apac
-- no debconf information
--
intrigeri <intrigeri@boum.org>
Information forwarded to Debian Apache Maintainers <debian-apache@lists.debian.org>:
Bug#351246; Package apache2.
(full text, mbox, link).
Acknowledgement sent to adrian@smop.co.uk:
Extra info received and forwarded to maintainer. Copy sent to Debian Apache Maintainers <debian-apache@lists.debian.org>.
(full text, mbox, link).
Message #10 received at 351246-maintonly@bugs.debian.org (full text, mbox, reply):
Hi guys,
This DoS fix still isn't in sarge - whilst not exactly a common
config, I'm suprised there hasn't been a reply so this is just a chase
in case it's been forgotten!
Many thanks,
Adrian
Bug marked as fixed in version 2.2.3-3, send any further explanations to intrigeri <intrigeri@boum.org>
Request was from Thijs Kinkhorst <thijs@debian.org>
to control@bugs.debian.org.
(full text, mbox, link).
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Mon, 25 Jun 2007 11:33:38 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 18:45:32 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon