[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[plamo:30017] Re: Apache 2.2.12
-
From:jun kuwamura
-
Date:Sat, 1 Aug 2009 12:04:03 +0900 (JST)
- Subject: [plamo:30017] Re: Apache 2.2.12
- From: jun kuwamura <kuwamura.jun@xxxxxxxxx>
- Date: Sat, 1 Aug 2009 12:04:00 +0900
くわむらです
ありがとうございます。
ftp://plamo.linet.jp/pub/Plamo-test/for-4.6x/ に、
http-2.2.10 と、それに対応した php-2.2.10のパッケージ
をまとめておきました。
@tmplamo[~/pub/Plamo-test/for-4.6x]% tar tf WebDB46-090801.tar
09_webdb/02_apache.tgz/httpd-2.2.12-i586-P1.tgz
09_webdb/03_PHP.tgz/01_php-5.2.10-i586-P2.tgz
09_webdb/03_PHP.tgz/php_doc_ja-5.2.10-noname-P2.tgz
2009/7/29 KATOH Yasufumi <karma@xxxxxxxxxxxxxxxx>:
> 加藤泰文です.
>
> Apache 2.2.12 出てます.
>
> http://www.apache.org/dist/httpd/CHANGES_2.2.12
>
> セキュリティ関係
>
> *) SECURITY: CVE-2009-1891 (cve.mitre.org)
> Fix a potential Denial-of-Service attack against mod_deflate or other
> modules, by forcing the server to consume CPU time in compressing a
> large file after a client disconnects. PR 39605.
> [Joe Orton, Ruediger Pluem]
>
> *) SECURITY: CVE-2009-1195 (cve.mitre.org)
> Prevent the "Includes" Option from being enabled in an .htaccess
> file if the AllowOverride restrictions do not permit it.
> [Jonathan Peatfield <j.s.peatfield damtp.cam.ac.uk>, Joe Orton,
> Ruediger Pluem, Jeff Trawick]
>
> *) SECURITY: CVE-2009-1890 (cve.mitre.org)
> Fix a potential Denial-of-Service attack against mod_proxy in a
> reverse proxy configuration, where a remote attacker can force a
> proxy process to consume CPU time indefinitely. [Nick Kew, Joe Orton]
>
> *) SECURITY: CVE-2009-1191 (cve.mitre.org)
> mod_proxy_ajp: Avoid delivering content from a previous request which
> failed to send a request body. PR 46949 [Ruediger Pluem]
>
> *) SECURITY: CVE-2009-0023, CVE-2009-1955, CVE-2009-1956 (cve.mitre.org)
> The bundled copy of the APR-util library has been updated, fixing three
> different security issues which may affect particular configurations
> and third-party modules.
>
> --
> ==============================================
> (((( 加藤泰文
> ○-○ karma @ jazz.email.ne.jp
> ==============================================
> (Web Page) http://www.ne.jp/asahi/ka/to/
> ==============================================
>
>
>
--
Jun Kuwamura
rC Cn
^
~
[検索ページ]
[メール一覧]
Plamo ML 公開システム