Linux Security

Debian: DSA-1834-2: New apache/apache2-mpm-itk fix regression

Date 30 Jul 2009
Posted By LinuxSecurity Advisories
The previous update caused a regression for apache2 in Debian 4.0 "etch". Using mod_deflate together with mod_php could cause segfaults when a client aborts a connection. This update corrects this flaw. For reference the original advisory text is below.

------------------------------------------------------------------------
Debian Security Advisory DSA-1834-2                                Stefan Fritsch
July 31, 2009
------------------------------------------------------------------------

Package        : apache2
Vulnerability  : denial of service
Problem type   : remote
Debian-specific: no
CVE Id(s)      : CVE-2009-1890 CVE-2009-1891

The previous update caused a regression for apache2 in Debian 4.0
"etch". Using mod_deflate together with mod_php could cause segfaults
when a client aborts a connection. This update corrects this flaw.
For reference the original advisory text is below.

A denial of service flaw was found in the Apache mod_proxy module when
it was used as a reverse proxy. A remote attacker could use this flaw
to force a proxy process to consume large amounts of CPU time. This
issue did not affect Debian 4.0 "etch". (CVE-2009-1890)

A denial of service flaw was found in the Apache mod_deflate module.
This module continued to compress large files until compression was
complete, even if the network connection that requested the content
was closed before compression completed. This would cause mod_deflate
to consume large amounts of CPU if mod_deflate was enabled for a large
file. A similar flaw related to HEAD requests for compressed content
was also fixed. (CVE-2009-1891)

For the oldstable distribution (etch), this problem has been fixed in
version 2.2.3-4+etch10.

The other distributions stable (lenny), testing (squeeze) and
unstable (sid) were not affected by the regression.

This advisory also provides updated apache2-mpm-itk packages which
have been recompiled against the new apache2 packages.

Updated packages for apache2-mpm-itk for the s390 architecture are
not included yet. They will be released as soon as they become

We recommend that you upgrade your apache2 (2.2.3-4+etch10) and
apache2-mpm-itk (2.2.3-01-2+etch4) packages.

Upgrade instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 4.0 alias etch
-------------------------------

Debian (oldstable)
------------------

Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.

  These files will probably be moved into the stable distribution on
  its next update.

---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Package info: `apt-cache show ' and
