![[LWN Logo]](/images/lwn.banner.gif)
Date: Fri, 28 Aug 1998 21:12:30 +0200
From: Martin Schulze <joey@kuolema.Infodrom.North.DE>
To: Debian Security Announcements <debian-security-announce@lists.debian.org>
Subject: [SECURITY] New versions of apache fixes denial of services
--8t9RHnE3ZwKMSgU+
Content-Type: text/plain; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable
We have received a report from Dag-Erling Coidan Sm=F8rgrav who says
that the apache as distributed with Debian GNU/Linux 2.0 is vulnerable
to a denial of services exploit, where repeated, identical headers
can consume O(n^2) memory.
We recommend you upgrade your apache package immediately.
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
Debian GNU/Linux 2.0 alias hamm
-------------------------------
This version of Debian was released only for the Intel and the
Motorola 68xxx architecture.
ftp://ftp.debian.org/debian/dists/stable-updates/apache_1.3.0-5.diff.gz
MD5 checksum: ce19f3993e469bd862c6160ba2809ed9
ftp://ftp.debian.org/debian/dists/stable-updates/apache_1.3.0-5.dsc
MD5 checksum: e8fc0dd9660fc17ba7423ae2235e9463
ftp://ftp.debian.org/debian/dists/stable-updates/apache_1.3.0-5_i386.ch=
anges
MD5 checksum: 0470ab9f66a70b3ad4745a902983be7c
Intel architecture:
ftp://ftp.debian.org/debian/dists/stable-updates/apache_1.3.0-5_i386.deb
MD5 checksum: 3b3741bbf86e104babecffbc658203dd
Motorola 68xxx architecture:
ftp://ftp.debian.org/debian/dists/stable-updates/apache_1.3.0-5_m68k.deb
MD5 checksum: 9187faca2e84f5b43439b29d814c7fe3
These files will be moved into
ftp://ftp.debian.org/debian/dists/hamm/*/binary-$arch/ soon.
For other architectures please refer to the appropriate directory
ftp://ftp.debian.org/debian/dists/sid/binary-$arch/ .
--
Debian GNU/Linux . Security Managers . security@debian.org
debian-security-announce@lists.debian.org
Christian Hudon <chrish@debian.org> . Martin Schulze <joey@debian.org>
--8t9RHnE3ZwKMSgU+
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
iQCVAwUBNecBHRRNm5Suj3z1AQF+OQQAgDXkNTAffoNupgeZSWxnx2Z1tsvTvmCl
qZrsJschGaCFKeTbE83PuWC7v7HWY7M+VU/f4u8VFAwAyVv5g26L0r//oTyZkBJL
kraXtmdIhaLXw40LCxCNULLFH788XzareDBBY4sZBWckMzdwLmZ5SPvMLgI5Vt5F
OrDhJQLh6Ks=
=4ZWc
-----END PGP SIGNATURE-----
--8t9RHnE3ZwKMSgU+--
--
To UNSUBSCRIBE, email to debian-security-announce-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org