[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[debian-users:52747] [Translate] [SECURITY] [DSA 1834-2] New apache/apache2-mpm-itk fix regression
かねこです。
URL 等は Debian-security-announce メーリングリストの元記事を確認
ください。
------>8------------>8------------>8------------>8------------>8-
- ------------------------------------------------------------------------
Debian Security Advisory DSA-1834-2 security@debian.org
http://www.debian.org/security/ Stefan Fritsch
July 31, 2009 http://www.debian.org/security/faq
- ------------------------------------------------------------------------
Package : apache2
Vulnerability : サービス拒否攻撃
Problem type : リモート
Debian-specific: いいえ
CVE Id(s) : CVE-2009-1890 CVE-2009-1891
以前の更新で Debian 4.0 "etch" にバグを作り込んでしまいました。
mod_deflate と mod_php を併せて使った場合、クライアントが接続を切った際
に SEGFAULT を起こしてしまいます。今回の更新はこの問題に対処します。念
のため元の勧告を再掲します。
旧安定版 (oldstable) ディストリビューション (etch) では、この問題はバー
ジョン 2.2.3-4+etch10 で修正されています。
他のディストリビューション安定版 (lenny)、テスト版 (squeeze)、不安定版
(unstable) sid にはこの問題の影響はありません。
この勧告では同時に新 apache2 パッケージに対して再コンパイルした更新版の
apache2-mpm-itk パッケージも提供しています。但し、s390 アーキテクチャ向
けの更新済み apache2-mpm-itk パッケージはまだ収録されていません。準備で
きしだい提供の予定です。
直ぐに apache2 (2.2.3-4+etch10), apache2-mpm-itk (2.2.3-01-2+etch4) パッ
ケージをアップグレードすることを勧めます。
アップグレード手順
------------------
wget url
でファイルを取得できます。
dpkg -i file.deb
で参照されたファイルをインストールできます。
apt-get パッケージマネージャを用いている場合には、本メールのフッタ記載の
行を sources.list に加えて、
apt-get update
を実行して内部データベースを更新し、
apt-get upgrade
によって修正されたパッケージをインストールしてください。
本メールのフッタ記載の設定を自ホストの設定に加えることにより、自動更新を
行うこともできます。
Debian GNU/Linux 4.0 alias etch
- -------------------------------
Debian (old stable)
- ------------------
旧安定版の更新は、alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel,
powerpc, s390 および sparc の各アーキテクチャで提供されています。
.
ソースアーカイブ:
http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch10.diff.gz
Size/MD5 checksum: 127383 f93c44605a130b89c93b967c6e6bb32f
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01.orig.tar.gz
Size/MD5 checksum: 29071 63daaf8812777aacfd5a31ead4ff0061
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4.diff.gz
Size/MD5 checksum: 12732 f46b409815f523fb15fc2b013bece3b2
http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch10.dsc
Size/MD5 checksum: 1070 4baefcb4c6ec1f2d146f1387a5240026
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4.dsc
Size/MD5 checksum: 676 b385d6a3a328371323c79c7906deb5bf
http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3.orig.tar.gz
Size/MD5 checksum: 6342475 f72ffb176e2dc7b322be16508c09f63c
アーキテクチャに依存しないパッケージ:
http://security.debian.org/pool/updates/main/a/apache2/apache2-src_2.2.3-4+etch10_all.deb
Size/MD5 checksum: 6673900 95cf69a8148a93569f183e417753226d
http://security.debian.org/pool/updates/main/a/apache2/apache2_2.2.3-4+etch10_all.deb
Size/MD5 checksum: 41480 dc99f23beb96a0a743d3d61d6c8d941d
http://security.debian.org/pool/updates/main/a/apache2/apache2-doc_2.2.3-4+etch10_all.deb
Size/MD5 checksum: 2243464 1239e372d92afb5551cfa6018e509797
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-perchild_2.2.3-4+etch10_all.deb
Size/MD5 checksum: 274332 5ac8887f0d4b5e46a2d6461a1c75234d
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch10_alpha.deb
Size/MD5 checksum: 345878 09b90c946e6bfab4df70096345b73753
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch10_alpha.deb
Size/MD5 checksum: 445144 c578da017ebba196a95e148b22f45e0f
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch10_alpha.deb
Size/MD5 checksum: 409542 7a2897d2effa66ce0e8125e81c12d98e
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch10_alpha.deb
Size/MD5 checksum: 410448 f6b3abb4d3f7e58f5439969bacdcd693
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4_alpha.deb
Size/MD5 checksum: 185014 699e45fb31514a058a69fb6c6e7bc7ae
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch10_alpha.deb
Size/MD5 checksum: 1043540 f438e482259956a7e0f110dc28ac868a
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch10_alpha.deb
Size/MD5 checksum: 449444 f0b040f783a19ea83aa7fc195dfd5b95
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch10_alpha.deb
Size/MD5 checksum: 450050 9fe6f4b3f9006c9932161272a78c6fdf
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch10_amd64.deb
Size/MD5 checksum: 999344 76762c4b207fc51a41ba2352a830de5b
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch10_amd64.deb
Size/MD5 checksum: 408140 8c7838b3bdb58da06e2d1b38ac108c5d
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch10_amd64.deb
Size/MD5 checksum: 436052 ee0c8c2b7f68310c638797ddb17e63d4
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4_amd64.deb
Size/MD5 checksum: 172670 95a2ae134db345fa0d511c8195c975da
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch10_amd64.deb
Size/MD5 checksum: 436550 93036fabc3c61c162386e8d60be0b748
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch10_amd64.deb
Size/MD5 checksum: 432066 a9135049fd176e5110c8835d735ac37c
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch10_amd64.deb
Size/MD5 checksum: 341944 b95dffeda21dd8e9e57f95d7dcf2c6db
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch10_amd64.deb
Size/MD5 checksum: 408854 e57b29deda62fd0a7166058c9714a4af
arm architecture (ARM)
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch10_arm.deb
Size/MD5 checksum: 421544 318e056fc1eba12581f8cd68a58a2efe
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch10_arm.deb
Size/MD5 checksum: 420848 855526f42acaf33e10f39156c0ef86a7
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch10_arm.deb
Size/MD5 checksum: 967868 1d5b37c9e9b43447c09d859f48e3db08
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch10_arm.deb
Size/MD5 checksum: 416808 98bf5d67c2c5c1a0bcdaf5dd0e4a84b4
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch10_arm.deb
Size/MD5 checksum: 346016 b8ebca72754f2a5c060fd0707dae0b48
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4_arm.deb
Size/MD5 checksum: 157494 0699661a334ce691bee31bda2b5aea13
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch10_arm.deb
Size/MD5 checksum: 407924 169a45721a2a2348b9d4fd9ca4018638
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch10_arm.deb
Size/MD5 checksum: 408736 3e3285544b775977559a7b5a667e9467
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch10_hppa.deb
Size/MD5 checksum: 439794 ae3ee116b4f6734d19e2608c986f20a7
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch10_hppa.deb
Size/MD5 checksum: 410668 0332975eef0ca8914493434c81a3b57c
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch10_hppa.deb
Size/MD5 checksum: 351926 aba7da336587d20e3472c42399a60cbb
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch10_hppa.deb
Size/MD5 checksum: 443764 94b899d6e77c0a1138a1adca32e964d4
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch10_hppa.deb
Size/MD5 checksum: 409798 87358d3a8d78ae38b43147ffc005dbea
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch10_hppa.deb
Size/MD5 checksum: 1078344 5c5df848f29a6b94edd74aaa1938339d
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch10_hppa.deb
Size/MD5 checksum: 443176 a3418d816ee5814bf8e4e1782ebf1a13
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4_hppa.deb
Size/MD5 checksum: 179290 76bada2a7c0b4ce41781da02bc1d6854
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch10_i386.deb
Size/MD5 checksum: 424296 1ac7e4c1b706756a3c68373994eee40d
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4_i386.deb
Size/MD5 checksum: 160986 f072fe639f1ecfd54c308854f2bf835e
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch10_i386.deb
Size/MD5 checksum: 342538 0cde1185cf0ad60b108a1495920279bb
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch10_i386.deb
Size/MD5 checksum: 410152 fff23ec5be34b4bb737b82193027d1f5
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch10_i386.deb
Size/MD5 checksum: 409140 41ab1d141fc82da6ae31151cc4fbf9cd
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch10_i386.deb
Size/MD5 checksum: 419960 ad49cd170aa024b5675824bc7ad7f5a9
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch10_i386.deb
Size/MD5 checksum: 423772 7d65eb2f244037796be8a002b2c5a8aa
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch10_i386.deb
Size/MD5 checksum: 962518 0c15eacb1a69d8a4c1fe8b51357355ca
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch10_ia64.deb
Size/MD5 checksum: 360442 5390c02c0408fd09da0c80dcbe64213f
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch10_ia64.deb
Size/MD5 checksum: 407446 c36f9d80cd0797b87350bf6143e9ee73
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch10_ia64.deb
Size/MD5 checksum: 490906 9a344d49dc0ec7520d0f643fc3146aa6
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch10_ia64.deb
Size/MD5 checksum: 497976 7317cb12cb6221de213560ded3b70d23
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch10_ia64.deb
Size/MD5 checksum: 1204042 68ebaec425c18cccc50de59cf02a4299
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch10_ia64.deb
Size/MD5 checksum: 497164 f9b49290d914a08bde04dfbb7fe8e08c
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch10_ia64.deb
Size/MD5 checksum: 406794 fc9a49dd15f1b4ff329eaa1c34a42010
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4_ia64.deb
Size/MD5 checksum: 231680 3c7bef395cd12838a2558a283de92b36
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch10_mips.deb
Size/MD5 checksum: 407450 0b4e8f985961199ab4544d7473c97fb8
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch10_mips.deb
Size/MD5 checksum: 429886 8187f9ba100e7c0888e380d550fc0a9f
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch10_mips.deb
Size/MD5 checksum: 349856 0af264b2e9786b205f41bd98178bd57c
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4_mips.deb
Size/MD5 checksum: 170252 1231b6309bcf7bdf0e0da6056b5f476a
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch10_mips.deb
Size/MD5 checksum: 951382 10a60cd2f5b966e57b978e02c55d579b
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch10_mips.deb
Size/MD5 checksum: 433908 da8b85f735da139c1f1c7518d3ddf044
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch10_mips.deb
Size/MD5 checksum: 434564 e0ef1472f70fe37b0ba922c56100f934
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch10_mips.deb
Size/MD5 checksum: 406790 d8805ca4ccb44dd6df20a99f75fcae56
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch10_mipsel.deb
Size/MD5 checksum: 433410 03caef7359294827ca37daf9e12eca88
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch10_mipsel.deb
Size/MD5 checksum: 406794 2eb44e4936c0d66460f128bacc64d6a2
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4_mipsel.deb
Size/MD5 checksum: 168612 d9bf709f9c8e6c3bd1a0b610e2c14997
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch10_mipsel.deb
Size/MD5 checksum: 350096 e9171305fd5073da24561a594a0e7ce7
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch10_mipsel.deb
Size/MD5 checksum: 407444 afd60533d6769b415ed72160009599f0
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch10_mipsel.deb
Size/MD5 checksum: 428732 694d06725c3f3069c5474a1eba8bc5d8
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch10_mipsel.deb
Size/MD5 checksum: 951118 40581cf551d7e6ef3daff28b15d27b43
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch10_mipsel.deb
Size/MD5 checksum: 434082 4e6d114481480983ebe412e59f3144a1
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch10_powerpc.deb
Size/MD5 checksum: 409238 ee52afe172a6adff0fb2189527feb1ab
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4_powerpc.deb
Size/MD5 checksum: 167606 5c94bb438e858477696f14f9e8c4ddd6
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch10_powerpc.deb
Size/MD5 checksum: 354700 91bec57127d987f81063f403eb135aed
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch10_powerpc.deb
Size/MD5 checksum: 428560 d4e4f84b31105d642438a98d1cd77115
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch10_powerpc.deb
Size/MD5 checksum: 433126 8eebf2551b490b17446d3d32d0260387
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch10_powerpc.deb
Size/MD5 checksum: 432548 dbe2d1e2911315057ca5abde7ed6cbb8
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch10_powerpc.deb
Size/MD5 checksum: 409992 9371af946dc7a6f4155dc3003de1177b
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch10_powerpc.deb
Size/MD5 checksum: 1060574 b7fec9b18fd7df2cf136ca125c12e4b6
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch10_s390.deb
Size/MD5 checksum: 437110 aa86e0b23b46beeaaa5438336fe04552
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch10_s390.deb
Size/MD5 checksum: 406788 d5e931d2fdf36c7fb983e7e1f710653c
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch10_s390.deb
Size/MD5 checksum: 407450 932daa00b0a6d967b1af613ea0930034
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch10_s390.deb
Size/MD5 checksum: 348416 70b8e219b4c86095065b11875ec83b01
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch10_s390.deb
Size/MD5 checksum: 993986 0dd64eb40ee4a89fd3fbff4d1997d30e
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch10_s390.deb
Size/MD5 checksum: 442014 ccb9c5a6ca257e10305cd3772b1d83ff
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch10_s390.deb
Size/MD5 checksum: 443016 4b986bfae8d89f66e8482632d528a449
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-worker_2.2.3-4+etch10_sparc.deb
Size/MD5 checksum: 422172 ffb5cc475c8c9773b588afee5cf2e516
http://security.debian.org/pool/updates/main/a/apache2/apache2.2-common_2.2.3-4+etch10_sparc.deb
Size/MD5 checksum: 959208 3122892629c49a09287803c4f0298281
http://security.debian.org/pool/updates/main/a/apache2/apache2-threaded-dev_2.2.3-4+etch10_sparc.deb
Size/MD5 checksum: 409556 a32ab93bcc5458fa0a6d98634075c6e6
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-event_2.2.3-4+etch10_sparc.deb
Size/MD5 checksum: 422568 8e9b179b70d757b411e76e5b7005ba6e
http://security.debian.org/pool/updates/main/a/apache2-mpm-itk/apache2-mpm-itk_2.2.3-01-2+etch4_sparc.deb
Size/MD5 checksum: 157826 bdc36b078bd4f6cb2a5ed6ea7714a74c
http://security.debian.org/pool/updates/main/a/apache2/apache2-prefork-dev_2.2.3-4+etch10_sparc.deb
Size/MD5 checksum: 408632 a834c57ec1d4022e335f7438038ae042
http://security.debian.org/pool/updates/main/a/apache2/apache2-utils_2.2.3-4+etch10_sparc.deb
Size/MD5 checksum: 343696 db40b0d4b164b8490009aa110621db9c
http://security.debian.org/pool/updates/main/a/apache2/apache2-mpm-prefork_2.2.3-4+etch10_sparc.deb
Size/MD5 checksum: 418790 6e51c4c6412d868e5e55808fd4f6865a
これらのファイルは次の版の安定版リリース時そちらに移されます。
- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
------>8------------>8------------>8------------>8------------>8-
--
Seiji Kaneko skaneko@xxxxxxxxxxxx
---------------------------------------------------------