
The Mandriva Security Team published a new security update: MDKSA-2005:233 - Updated apache2 packages fix vulnerability in worker MPM for Mandriva Linux. Here is the announcement:



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2005:233
http://www.mandriva.com/security/
_______________________________________________________________________

Package : apache2
Date : December 19, 2005
Affected: 10.1, 10.2, 2006.0
_______________________________________________________________________

Problem Description:

A memory leak in the worker MPM in Apache 2 could allow remote
attackers to cause a Denial of Service (memory consumption) via
aborted commands in certain circumstances, which prevents the
memory for the transaction pool from being reused for other
connections.

As well, this update addresses two bugs in the Mandriva 2006 Apache
packages where apachectl was missing and also a segfault that occurred
when using the mod_ldap module.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2970
http://qa.mandriva.com/show_bug.cgi?id764
http://qa.mandriva.com/show_bug.cgi?id=20039
_______________________________________________________________________

Updated Packages:

_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFDpwLdmqjQ0CJFipgRAsxnAJ4qCp5TBNacrH50QpnTt/keZvwfGwCg2zBV
22XEEzvKprGEQ7WdeMXEz5g=
>BS
-----END PGP SIGNATURE-----
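
The advisory says MandrivaUpdate and urpmi verify checksums automatically; for packages fetched by hand, the same check can be run against the "Updated Packages" entries, which pair an MD5 sum with an RPM path under a per-release heading. The following Python is an added example, not part of the Mandriva announcement; the file names and contents in `demo()` are constructed placeholders.

```python
import hashlib
import re
import tempfile
from pathlib import Path

ENTRY = re.compile(r"^([0-9a-f]{32})\s+(\S+\.rpm)$")   # "<md5> <path>.rpm"
HEADING = re.compile(r"^(Mandriva Linux .+):$")         # per-release heading

def parse_manifest(text):
    """Return {release heading: {rpm file name: expected md5}}."""
    manifest, release = {}, None
    for line in text.splitlines():
        line = line.strip()
        if m := HEADING.match(line):
            release = m.group(1)
            manifest[release] = {}
        elif (m := ENTRY.match(line)) and release is not None:
            manifest[release][Path(m.group(2)).name] = m.group(1)
    return manifest

def md5_of(path):
    # MD5 only catches corruption; the GPG signature authenticates the package.
    digest = hashlib.md5()
    with open(path, "rb") as fh:
        while block := fh.read(1 << 20):
            digest.update(block)
    return digest.hexdigest()

def check_downloads(manifest, release, directory):
    """Map each local .rpm to 'ok', 'MISMATCH' or 'not in advisory'."""
    expected, report = manifest.get(release, {}), {}
    for rpm in sorted(Path(directory).glob("*.rpm")):
        want = expected.get(rpm.name)
        if want is None:
            report[rpm.name] = "not in advisory"
        else:
            report[rpm.name] = "ok" if md5_of(rpm) == want else "MISMATCH"
    return report

def demo():
    # Constructed sample: placeholder names and contents, not the real packages.
    with tempfile.TemporaryDirectory() as tmp:
        good = Path(tmp, "example-good-1.0-1mdk.i586.rpm")
        bad = Path(tmp, "example-bad-1.0-1mdk.i586.rpm")
        good.write_bytes(b"constructed payload A")
        bad.write_bytes(b"altered in transit")
        text = (f"Mandriva Linux 10.1:\n{md5_of(good)} 10.1/RPMS/{good.name}\n"
                f"{'0' * 32} 10.1/RPMS/{bad.name}\n")
        return check_downloads(parse_manifest(text), "Mandriva Linux 10.1", tmp)
```

A package that passes this check should still be run through `rpm --checksig` with the Mandriva Security Team key imported.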