Ubuntu alert USN-1199-1 (apache2)
| From: | Jamie Strandboge <jamie@canonical.com> | |
| To: | ubuntu-security-announce@lists.ubuntu.com | |
| Subject: | [USN-1199-1] Apache vulnerability | |
| Date: | Thu, 01 Sep 2011 17:08:14 -0500 | |
| Message-ID: | <1314914897.6752.3.camel@localhost> |
========================================================================== Ubuntu Security Notice USN-1199-1 September 01, 2011 apache2 vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.04 - Ubuntu 10.10 - Ubuntu 10.04 LTS - Ubuntu 8.04 LTS Summary: A remote attacker could send crafted input to Apache and cause it to crash. Software Description: - apache2: Apache HTTP server Details: A flaw was discovered in the byterange filter in Apache. A remote attacker could exploit this to cause a denial of service via resource exhaustion. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.04: apache2.2-bin 2.2.17-1ubuntu1.2 Ubuntu 10.10: apache2.2-bin 2.2.16-1ubuntu3.3 Ubuntu 10.04 LTS: apache2.2-bin 2.2.14-5ubuntu8.6 Ubuntu 8.04 LTS: apache2-mpm-event 2.2.8-1ubuntu0.21 apache2-mpm-perchild 2.2.8-1ubuntu0.21 apache2-mpm-prefork 2.2.8-1ubuntu0.21 apache2-mpm-worker 2.2.8-1ubuntu0.21 In general, a standard system update will make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1199-1 CVE-2011-3192 Package Information: https://launchpad.net/ubuntu/+source/apache2/2.2.17-1ubun... https://launchpad.net/ubuntu/+source/apache2/2.2.16-1ubun... https://launchpad.net/ubuntu/+source/apache2/2.2.14-5ubun... https://launchpad.net/ubuntu/+source/apache2/2.2.8-1ubunt... -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security...