MDVSA-2010:153
- Package name
- apache
- Date
- 2010-08-16
- Advisory ID
- MDVSA-2010:153
- Affected versions
- 2009.0 x86_64 , 2009.0 i586 , MES5 i586 , MES5 x86_64
Problem description
Multiple vulnerabilities has been found and corrected in apache:
The mod_cache and mod_dav modules in the Apache HTTP Server 2.2.x
before 2.2.16 allow remote attackers to cause a denial of service
(process crash) via a request that lacks a path (CVE-2010-1452).
mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix,
does not close the backend connection if a timeout occurs when reading
a response from a persistent connection, which allows remote attackers
to obtain a potentially sensitive response intended for a different
client in opportunistic circumstances via a normal HTTP request.
NOTE: this is the same issue as CVE-2010-2068, but for a different
OS and set of affected versions (CVE-2010-2791).
Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490
The updated packages have been patched to correct these issues.
Updated packages
2009.0 x86_64
c578a6e9a29e81df145a388e8696e8f0 2009.0/x86_64/apache-base-2.2.9-12.10mdv2009.0.x86_64.rpm 168df22318ae9ea5be0f265b9aaa486a 2009.0/x86_64/apache-devel-2.2.9-12.10mdv2009.0.x86_64.rpm 3fd73c32becdc0c7ea67283c3a056e52 2009.0/x86_64/apache-htcacheclean-2.2.9-12.10mdv2009.0.x86_64.rpm 875d0e01dd140f65da24a14eb57ae484 2009.0/x86_64/apache-mod_authn_dbd-2.2.9-12.10mdv2009.0.x86_64.rpm 3247dcd354558d0fe035feda4416c8a0 2009.0/x86_64/apache-mod_cache-2.2.9-12.10mdv2009.0.x86_64.rpm 101c210907cd0e5d289081d80f83892e 2009.0/x86_64/apache-mod_dav-2.2.9-12.10mdv2009.0.x86_64.rpm 10b7a5d979b99bcbf38fdbe0e036a1cf 2009.0/x86_64/apache-mod_dbd-2.2.9-12.10mdv2009.0.x86_64.rpm 82c0a9a58e60d6018447052ad22b4507 2009.0/x86_64/apache-mod_deflate-2.2.9-12.10mdv2009.0.x86_64.rpm fae88ae076de0bc2528f6b01f96c0608 2009.0/x86_64/apache-mod_disk_cache-2.2.9-12.10mdv2009.0.x86_64.rpm a506f22a169f2de5a2705eeb6742fc69 2009.0/x86_64/apache-mod_file_cache-2.2.9-12.10mdv2009.0.x86_64.rpm 069155f234c22f55c30d20bda33dd40a 2009.0/x86_64/apache-mod_ldap-2.2.9-12.10mdv2009.0.x86_64.rpm c4a56e07aabaac67a5fb491b72cbdd5e 2009.0/x86_64/apache-mod_mem_cache-2.2.9-12.10mdv2009.0.x86_64.rpm 842ce796a5ce358267588e62dc6c1d84 2009.0/x86_64/apache-mod_proxy-2.2.9-12.10mdv2009.0.x86_64.rpm de2dfcf5017e07456237ebaebb94b63a 2009.0/x86_64/apache-mod_proxy_ajp-2.2.9-12.10mdv2009.0.x86_64.rpm e7424124fd455d338fe7807085a465f8 2009.0/x86_64/apache-mod_ssl-2.2.9-12.10mdv2009.0.x86_64.rpm cc51ff1bc2bb86fa375c64a83cbe5669 2009.0/x86_64/apache-modules-2.2.9-12.10mdv2009.0.x86_64.rpm bd9169da6ee818841c99f893d97758ab 2009.0/x86_64/apache-mod_userdir-2.2.9-12.10mdv2009.0.x86_64.rpm d786b5b3e993f6b762984939a59188ac 2009.0/x86_64/apache-mpm-event-2.2.9-12.10mdv2009.0.x86_64.rpm 3663a04f5b3bece171140300beca60a6 2009.0/x86_64/apache-mpm-itk-2.2.9-12.10mdv2009.0.x86_64.rpm 1893fd3799e3914f79b4e99435f7f28d 2009.0/x86_64/apache-mpm-peruser-2.2.9-12.10mdv2009.0.x86_64.rpm 08cf47881f23b2f6423c7c0243369468 2009.0/x86_64/apache-mpm-prefork-2.2.9-12.10mdv2009.0.x86_64.rpm b79fc5815401552c1ee4dd411ea60e9e 2009.0/x86_64/apache-mpm-worker-2.2.9-12.10mdv2009.0.x86_64.rpm d03ac2690298a61b630ec151fef1110b 2009.0/x86_64/apache-source-2.2.9-12.10mdv2009.0.x86_64.rpm ffc80b53691b9200454d986e66728aa2 2009.0/SRPMS/apache-2.2.9-12.10mdv2009.0.src.rpm
2009.0 i586
238de136ebd4ef12d69c2bc8a3e3d3be 2009.0/i586/apache-base-2.2.9-12.10mdv2009.0.i586.rpm 141124279c0755c0299d59587f0eafeb 2009.0/i586/apache-devel-2.2.9-12.10mdv2009.0.i586.rpm 05cf83c379680e3ed51340b42d084b54 2009.0/i586/apache-htcacheclean-2.2.9-12.10mdv2009.0.i586.rpm 9e1f554bb3705dedaddba825f1b56403 2009.0/i586/apache-mod_authn_dbd-2.2.9-12.10mdv2009.0.i586.rpm 9a3655c03604fcd04b4d1e0e34dedffc 2009.0/i586/apache-mod_cache-2.2.9-12.10mdv2009.0.i586.rpm 0a92ae5396ef3bc58481964474fbbb19 2009.0/i586/apache-mod_dav-2.2.9-12.10mdv2009.0.i586.rpm 63df221d5cf990cd347466419a8b0377 2009.0/i586/apache-mod_dbd-2.2.9-12.10mdv2009.0.i586.rpm 1b2dbf225749350a9bb7dcdf20b92227 2009.0/i586/apache-mod_deflate-2.2.9-12.10mdv2009.0.i586.rpm 5ecc8f17635dd7e7428292628daeda79 2009.0/i586/apache-mod_disk_cache-2.2.9-12.10mdv2009.0.i586.rpm 8fab3607fe02e1564939f8c20f0d207b 2009.0/i586/apache-mod_file_cache-2.2.9-12.10mdv2009.0.i586.rpm 88cd61a082b42899bda94777ab7e62aa 2009.0/i586/apache-mod_ldap-2.2.9-12.10mdv2009.0.i586.rpm 1ff181c8481cda668fcb129052ab094c 2009.0/i586/apache-mod_mem_cache-2.2.9-12.10mdv2009.0.i586.rpm 6eedc6c5d7727f408882a07d0408bbdd 2009.0/i586/apache-mod_proxy-2.2.9-12.10mdv2009.0.i586.rpm ba21753018cb8fb4aa4750e8fe77e022 2009.0/i586/apache-mod_proxy_ajp-2.2.9-12.10mdv2009.0.i586.rpm 2a90910cff8efc4dd4c61db469548bf5 2009.0/i586/apache-mod_ssl-2.2.9-12.10mdv2009.0.i586.rpm 35e3bca53a5880a07b24ad72f6dd6d07 2009.0/i586/apache-modules-2.2.9-12.10mdv2009.0.i586.rpm 62e5846e1811ba312d6bb8f049493788 2009.0/i586/apache-mod_userdir-2.2.9-12.10mdv2009.0.i586.rpm 0f15da6722a641d7d5e5b911e8c0cece 2009.0/i586/apache-mpm-event-2.2.9-12.10mdv2009.0.i586.rpm 9b9f2d505afcc686c7d7fd1fb80615f7 2009.0/i586/apache-mpm-itk-2.2.9-12.10mdv2009.0.i586.rpm d839ec4ccd71e89115f9f62cd6ceee36 2009.0/i586/apache-mpm-peruser-2.2.9-12.10mdv2009.0.i586.rpm e4ae2a88b622053fe3b319343fadaf1e 2009.0/i586/apache-mpm-prefork-2.2.9-12.10mdv2009.0.i586.rpm 797172063095f4f48199e0f5c6df34df 2009.0/i586/apache-mpm-worker-2.2.9-12.10mdv2009.0.i586.rpm 56a686181dec3713a922e2beb1b74515 2009.0/i586/apache-source-2.2.9-12.10mdv2009.0.i586.rpm ffc80b53691b9200454d986e66728aa2 2009.0/SRPMS/apache-2.2.9-12.10mdv2009.0.src.rpm
MES5 i586
cae43472379d49f78134e2058709677a mes5/i586/apache-base-2.2.9-12.10mdvmes5.1.i586.rpm a71d55063dc1c638e2dfeed6379405e7 mes5/i586/apache-devel-2.2.9-12.10mdvmes5.1.i586.rpm 96c5a3f3408f16608e4aa0eae921eadc mes5/i586/apache-htcacheclean-2.2.9-12.10mdvmes5.1.i586.rpm d91c5806b0647c7de4a7ae5a7acb5901 mes5/i586/apache-mod_authn_dbd-2.2.9-12.10mdvmes5.1.i586.rpm 51709df2ae1d1bbbb80161d17823ed54 mes5/i586/apache-mod_cache-2.2.9-12.10mdvmes5.1.i586.rpm 76d66f1632147a1db2a66ec8449676a7 mes5/i586/apache-mod_dav-2.2.9-12.10mdvmes5.1.i586.rpm c8fc9d26366cf23cb4e02e0ba7c40ab1 mes5/i586/apache-mod_dbd-2.2.9-12.10mdvmes5.1.i586.rpm f407cb9d289d4df8f395b7469221af83 mes5/i586/apache-mod_deflate-2.2.9-12.10mdvmes5.1.i586.rpm 870246ffc86e5453bebc0adeff740f23 mes5/i586/apache-mod_disk_cache-2.2.9-12.10mdvmes5.1.i586.rpm c373b7252a58575f8b100cc9a77897d6 mes5/i586/apache-mod_file_cache-2.2.9-12.10mdvmes5.1.i586.rpm 72b7c2d21a4aa038d384bb15f1171acd mes5/i586/apache-mod_ldap-2.2.9-12.10mdvmes5.1.i586.rpm 7c4d510bdaa58bb13b4281283462d4e8 mes5/i586/apache-mod_mem_cache-2.2.9-12.10mdvmes5.1.i586.rpm e88f86183f1edab93caf98a98496237d mes5/i586/apache-mod_proxy-2.2.9-12.10mdvmes5.1.i586.rpm 5c6f9547a6ff4faad90cf8f4fa6ad841 mes5/i586/apache-mod_proxy_ajp-2.2.9-12.10mdvmes5.1.i586.rpm ebb11a941f84db7fbc28ce274f9e8ba6 mes5/i586/apache-mod_ssl-2.2.9-12.10mdvmes5.1.i586.rpm 9854699e46d9dfdfcabc5cd034c00b96 mes5/i586/apache-modules-2.2.9-12.10mdvmes5.1.i586.rpm 51323be198089431321036224db67d03 mes5/i586/apache-mod_userdir-2.2.9-12.10mdvmes5.1.i586.rpm c046c955c1c506c03197d392df79c748 mes5/i586/apache-mpm-event-2.2.9-12.10mdvmes5.1.i586.rpm 704649a20a5017f880eb36f2759fa835 mes5/i586/apache-mpm-itk-2.2.9-12.10mdvmes5.1.i586.rpm 91003a47a1b7a5be432db522d40c00f8 mes5/i586/apache-mpm-peruser-2.2.9-12.10mdvmes5.1.i586.rpm adb996091556269761169421570ca809 mes5/i586/apache-mpm-prefork-2.2.9-12.10mdvmes5.1.i586.rpm 28d84353ee16bb7945fcfcf8cafd8c66 mes5/i586/apache-mpm-worker-2.2.9-12.10mdvmes5.1.i586.rpm f4ebb8202d84b91e93c79f65188ca23e mes5/i586/apache-source-2.2.9-12.10mdvmes5.1.i586.rpm da98e1bb9ad5504b54849dc44dd0c405 mes5/SRPMS/apache-2.2.9-12.10mdvmes5.1.src.rpm
MES5 x86_64
94082a462cbbedc8c26aab5b6573bf82 mes5/x86_64/apache-base-2.2.9-12.10mdvmes5.1.x86_64.rpm 315b539457792bc6e30b59564d6c1aa5 mes5/x86_64/apache-devel-2.2.9-12.10mdvmes5.1.x86_64.rpm defdf4efb19dfbd2efe8f799957dba00 mes5/x86_64/apache-htcacheclean-2.2.9-12.10mdvmes5.1.x86_64.rpm 46b8507c6df22032fb25df9f1057d473 mes5/x86_64/apache-mod_authn_dbd-2.2.9-12.10mdvmes5.1.x86_64.rpm 08732297da7d96414a6e66d0b5fe4f72 mes5/x86_64/apache-mod_cache-2.2.9-12.10mdvmes5.1.x86_64.rpm 6d059d9fc62ec59c93afb20fe2b1e134 mes5/x86_64/apache-mod_dav-2.2.9-12.10mdvmes5.1.x86_64.rpm 7a6a0e7b8086db5bfde394f0bbff7299 mes5/x86_64/apache-mod_dbd-2.2.9-12.10mdvmes5.1.x86_64.rpm 8977f6e2b5b6bb21f456752a215019b0 mes5/x86_64/apache-mod_deflate-2.2.9-12.10mdvmes5.1.x86_64.rpm a642f9d74eed23992905d4ca26570b1a mes5/x86_64/apache-mod_disk_cache-2.2.9-12.10mdvmes5.1.x86_64.rpm 6c583416f58264f0e6be8a8dfd426715 mes5/x86_64/apache-mod_file_cache-2.2.9-12.10mdvmes5.1.x86_64.rpm 40092f4dd75fdb25506c136c6ae1cd87 mes5/x86_64/apache-mod_ldap-2.2.9-12.10mdvmes5.1.x86_64.rpm c4323601dc144cb51e024cf178dfe414 mes5/x86_64/apache-mod_mem_cache-2.2.9-12.10mdvmes5.1.x86_64.rpm 584fff4d5eb4b4c55da1d298468fab68 mes5/x86_64/apache-mod_proxy-2.2.9-12.10mdvmes5.1.x86_64.rpm cd69b1c53233a546f26ac1a06a56b76f mes5/x86_64/apache-mod_proxy_ajp-2.2.9-12.10mdvmes5.1.x86_64.rpm 68d9fcdd47f4767dfb4e58f210c31d97 mes5/x86_64/apache-mod_ssl-2.2.9-12.10mdvmes5.1.x86_64.rpm 86c8a0a66627ad73123a7a8f19442c08 mes5/x86_64/apache-modules-2.2.9-12.10mdvmes5.1.x86_64.rpm de0d632919fc6edfd091f3b1871c0ca9 mes5/x86_64/apache-mod_userdir-2.2.9-12.10mdvmes5.1.x86_64.rpm 0e4d84870327be57163579b66c3ac104 mes5/x86_64/apache-mpm-event-2.2.9-12.10mdvmes5.1.x86_64.rpm 0959bfed96992d16c58f9ee22c04af07 mes5/x86_64/apache-mpm-itk-2.2.9-12.10mdvmes5.1.x86_64.rpm 43eb9f6c352bbbe049628bbd41756b9b mes5/x86_64/apache-mpm-peruser-2.2.9-12.10mdvmes5.1.x86_64.rpm 919a363ca56831f04f2e622cc1a192f3 mes5/x86_64/apache-mpm-prefork-2.2.9-12.10mdvmes5.1.x86_64.rpm ec1d3e1ae8c2bc3e547fd8f095fcfe23 mes5/x86_64/apache-mpm-worker-2.2.9-12.10mdvmes5.1.x86_64.rpm 7637fb712b7b08cffda967a66c3c47aa mes5/x86_64/apache-source-2.2.9-12.10mdvmes5.1.x86_64.rpm da98e1bb9ad5504b54849dc44dd0c405 mes5/SRPMS/apache-2.2.9-12.10mdvmes5.1.src.rpm