Paketname
apache
Datum
2007-06-19
Advisory ID
MDKSA-2007:127
Betroffene Versionen
2007.1 i586 , 2007.1 x86_64

Problembeschreibung

The recall_headers function in mod_mem_cache in Apache 2.2.4 does not
properly copy all levels of header data, which can cause Apache to
return HTTP headers containing previously-used data, which could be
used to obtain potentially sensitive information by unauthorized users.

Updated packages have been patched to prevent this issue.

Aktualisierte Pakete

2007.1 i586

 df215cfeb60037cfa93256a75127b65a  2007.1/i586/apache-base-2.2.4-6.1mdv2007.1.i586.rpm
 6cd861555039d06cd807b376b39650ad  2007.1/i586/apache-devel-2.2.4-6.1mdv2007.1.i586.rpm
 9479c5f3735db0cc7f9c66e7ccd1a206  2007.1/i586/apache-htcacheclean-2.2.4-6.1mdv2007.1.i586.rpm
 dc12e7ca2fd3733dcd3efb012acad4cc  2007.1/i586/apache-mod_authn_dbd-2.2.4-6.1mdv2007.1.i586.rpm
 4535f149502f37cab65aacebd7581471  2007.1/i586/apache-mod_cache-2.2.4-6.1mdv2007.1.i586.rpm
 5085f9e8d2aa6e38766efb4a9154d306  2007.1/i586/apache-mod_dav-2.2.4-6.1mdv2007.1.i586.rpm
 5ee61567d1288d16ed2307893554b1b7  2007.1/i586/apache-mod_dbd-2.2.4-6.1mdv2007.1.i586.rpm
 af13cd68fc98ffbc9e87cb0d65a5cd5b  2007.1/i586/apache-mod_deflate-2.2.4-6.1mdv2007.1.i586.rpm
 1e57f2992f30eb325896c5e8782ae2ea  2007.1/i586/apache-mod_disk_cache-2.2.4-6.1mdv2007.1.i586.rpm
 1c42fbe45621eaf9ac3feb6f49180340  2007.1/i586/apache-mod_file_cache-2.2.4-6.1mdv2007.1.i586.rpm
 84e50eb41ff1ceb96c967220073c245e  2007.1/i586/apache-mod_ldap-2.2.4-6.1mdv2007.1.i586.rpm
 d9180cbce5786167ea09c1ec95b6fc7d  2007.1/i586/apache-mod_mem_cache-2.2.4-6.1mdv2007.1.i586.rpm
 b4e17906ac249e5b02d31c7ec52cb49d  2007.1/i586/apache-mod_proxy-2.2.4-6.1mdv2007.1.i586.rpm
 dfb17e965b455ce2eac1c484364e1471  2007.1/i586/apache-mod_proxy_ajp-2.2.4-6.1mdv2007.1.i586.rpm
 f9853d6370b283ef32279200770fd13b  2007.1/i586/apache-mod_ssl-2.2.4-6.1mdv2007.1.i586.rpm
 27b683c0dbc1ad12c05948d152b551ec  2007.1/i586/apache-mod_userdir-2.2.4-6.1mdv2007.1.i586.rpm
 6ecbb209db716ce8ae0f8668f132cf26  2007.1/i586/apache-modules-2.2.4-6.1mdv2007.1.i586.rpm
 5946ff0a4c99c9be909c4540cd971c76  2007.1/i586/apache-mpm-event-2.2.4-6.1mdv2007.1.i586.rpm
 bfc5894f8f209d4a3acc1b18ede81e4c  2007.1/i586/apache-mpm-itk-2.2.4-6.1mdv2007.1.i586.rpm
 c8a70a6a37ad584804399fd5af0b090c  2007.1/i586/apache-mpm-prefork-2.2.4-6.1mdv2007.1.i586.rpm
 b59dc391e2e9d696328497c9291784f4  2007.1/i586/apache-mpm-worker-2.2.4-6.1mdv2007.1.i586.rpm
 b05a56d0ab3ca75c55fd3f420a716c42  2007.1/i586/apache-source-2.2.4-6.1mdv2007.1.i586.rpm 
 24487530b467d8135e6ce36fc8cacb99  2007.1/SRPMS/apache-2.2.4-6.1mdv2007.1.src.rpm

2007.1 x86_64

 548305181ded6a4071662fdbbd610e0b  2007.1/x86_64/apache-base-2.2.4-6.1mdv2007.1.x86_64.rpm
 ec465046db3e57e2a06904816faa8e2d  2007.1/x86_64/apache-devel-2.2.4-6.1mdv2007.1.x86_64.rpm
 791eb1195bd01c52702e6310f032316e  2007.1/x86_64/apache-htcacheclean-2.2.4-6.1mdv2007.1.x86_64.rpm
 a0fe2302b171a519255687bf85601ddb  2007.1/x86_64/apache-mod_authn_dbd-2.2.4-6.1mdv2007.1.x86_64.rpm
 9c96d9f32465d62c4404061e4d0012d0  2007.1/x86_64/apache-mod_cache-2.2.4-6.1mdv2007.1.x86_64.rpm
 95884e90d15554745bf62c760101994b  2007.1/x86_64/apache-mod_dav-2.2.4-6.1mdv2007.1.x86_64.rpm
 7c152275d08a67fb28f4a975fc33c5b4  2007.1/x86_64/apache-mod_dbd-2.2.4-6.1mdv2007.1.x86_64.rpm
 490d50a3dc85cffef3a433138620f9c2  2007.1/x86_64/apache-mod_deflate-2.2.4-6.1mdv2007.1.x86_64.rpm
 c9a3cc01541535f9bbd02efdd433e81b  2007.1/x86_64/apache-mod_disk_cache-2.2.4-6.1mdv2007.1.x86_64.rpm
 4e11d73fe34c4686a9e3c7ef2558097e  2007.1/x86_64/apache-mod_file_cache-2.2.4-6.1mdv2007.1.x86_64.rpm
 b38388ee91ccbdd853c57619e5320e77  2007.1/x86_64/apache-mod_ldap-2.2.4-6.1mdv2007.1.x86_64.rpm
 da76a4efd01613ef08521bcd5be12530  2007.1/x86_64/apache-mod_mem_cache-2.2.4-6.1mdv2007.1.x86_64.rpm
 9d96a768da7e259fc11a0910eaef928b  2007.1/x86_64/apache-mod_proxy-2.2.4-6.1mdv2007.1.x86_64.rpm
 c4f13735ac30fc9f1b25c35c4c94a249  2007.1/x86_64/apache-mod_proxy_ajp-2.2.4-6.1mdv2007.1.x86_64.rpm
 8ebbd94f20f1a128ea991b9ead983842  2007.1/x86_64/apache-mod_ssl-2.2.4-6.1mdv2007.1.x86_64.rpm
 245e8ce6f31412f7b42add83f0420f83  2007.1/x86_64/apache-mod_userdir-2.2.4-6.1mdv2007.1.x86_64.rpm
 45ab84161e1db80129d9ad240893e694  2007.1/x86_64/apache-modules-2.2.4-6.1mdv2007.1.x86_64.rpm
 5441fda9615d1fa5b222557ee721988a  2007.1/x86_64/apache-mpm-event-2.2.4-6.1mdv2007.1.x86_64.rpm
 dad68718c59d2634e5d5bfa492f46784  2007.1/x86_64/apache-mpm-itk-2.2.4-6.1mdv2007.1.x86_64.rpm
 59b064d4490d0996db8aeb1f25a3add9  2007.1/x86_64/apache-mpm-prefork-2.2.4-6.1mdv2007.1.x86_64.rpm
 e36d1a4b62f64c4a07027e4ec219e5c4  2007.1/x86_64/apache-mpm-worker-2.2.4-6.1mdv2007.1.x86_64.rpm
 bfc9e51db070106e3b0aaa90e7ab3afe  2007.1/x86_64/apache-source-2.2.4-6.1mdv2007.1.x86_64.rpm 
 24487530b467d8135e6ce36fc8cacb99  2007.1/SRPMS/apache-2.2.4-6.1mdv2007.1.src.rpm

Referenzen