==========================================================Ubuntu Security Notice USN-802-1 July 13, 2009
apache2 vulnerabilities
CVE-2009-1890, CVE-2009-1891
==========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 6.06 LTS
Ubuntu 8.04 LTS
Ubuntu 8.10
Ubuntu 9.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 6.06 LTS:
apache2-common 2.0.55-4ubuntu2.6
apache2-mpm-perchild 2.0.55-4ubuntu2.6
apache2-mpm-prefork 2.0.55-4ubuntu2.6
apache2-mpm-worker 2.0.55-4ubuntu2.6
libapr0 2.0.55-4ubuntu2.6
Ubuntu 8.04 LTS:
apache2-mpm-event 2.2.8-1ubuntu0.10
apache2-mpm-perchild 2.2.8-1ubuntu0.10
apache2-mpm-prefork 2.2.8-1ubuntu0.10
apache2-mpm-worker 2.2.8-1ubuntu0.10
apache2.2-common 2.2.8-1ubuntu0.10
Ubuntu 8.10:
apache2-mpm-event 2.2.9-7ubuntu3.2
apache2-mpm-prefork 2.2.9-7ubuntu3.2
apache2-mpm-worker 2.2.9-7ubuntu3.2
apache2.2-common 2.2.9-7ubuntu3.2
Ubuntu 9.04:
apache2-mpm-event 2.2.11-2ubuntu2.2
apache2-mpm-prefork 2.2.11-2ubuntu2.2
apache2-mpm-worker 2.2.11-2ubuntu2.2
apache2.2-common 2.2.11-2ubuntu2.2
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
It was discovered that mod_proxy_http did not properly handle a large
amount of streamed data when used as a reverse proxy. A remote attacker
could exploit this and cause a denial of service via memory resource
consumption. This issue affected Ubuntu 8.04 LTS, 8.10 and 9.04.
(CVE-2009-1890)
It was discovered that mod_deflate did not abort compressing large files
when the connection was closed. A remote attacker could exploit this and
cause a denial of service via CPU resource consumption. (CVE-2009-1891)
Updated packages for Ubuntu 6.06 LTS:
Source archives:
Size/MD5: 125440 0835eafec701c6f327e82270dca754a1
Size/MD5: 1156 13cf43efabdc8e2180ade01709ff4063
Size/MD5: 6092031 45e32c9432a8e3cf4227f5af91b03622
Architecture independent packages:
Size/MD5: 2125302 f97b87210dc35e7cf1b4014d755f5cc2
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
Size/MD5: 833688 123cb5995bd422cf218db15691284ed2
Size/MD5: 228978 33ea13f64f33acb69b73ad4c2fdfd9ff
Size/MD5: 223958 e94df0f2fdcf8d0bf9e95d5149c58f73
Size/MD5: 228556 4e0c0d0ff7fc315c30250fb3d828cdfd
Size/MD5: 172066 1f4106b81cc09f4bd78e066aef94201b
Size/MD5: 172850 3b433ffaca5e5e36f7ebc2881fd7f1a5
Size/MD5: 94914 b872cbff9cda76856337a278dba5a9ca
Size/MD5: 36956 f628faa804ed2c2b5525952fbd94d5ca
Size/MD5: 286398 3ebb11712b0466f2c3d0b5243d1a0339
Size/MD5: 144970 a8e8615104349a395c695915079eab69
i386 architecture (x86 compatible Intel/AMD):
Size/MD5: 786908 1c3f456b2c87dcf5fd21c9e783f4d06d
Size/MD5: 203576 772d6129a7ef92cf5887c25466fda11b
Size/MD5: 199470 315e863b2ad6aa1b669e7914cebc38a8
Size/MD5: 203002 573f96a5d3787106c8d6007d8afb88f6
Size/MD5: 172066 57fcc673853907cc24c432ef8b0f8e94
Size/MD5: 172834 85320d327250cf86fd6c48813384bdc0
Size/MD5: 92862 d774e289f718d119dad6e765fd900679
Size/MD5: 36958 9b8758253a277d81c02b1c9fd50b8eba
Size/MD5: 262426 668cbde23862b43743e935ca8ff24e8a
Size/MD5: 132884 f0bbccb2fc0f96b88b124c6942b9d957
powerpc architecture (Apple Macintosh G3/G4/G5):
Size/MD5: 859782 b3d991a69f5703d9e1339eafd0b5df17
Size/MD5: 220946 098441a8af78db25aea174320ffcd409
Size/MD5: 216552 a381af581b41112ac975fca40bec02e6
Size/MD5: 220496 0d5ff99a81d4581edca2effaf04f1473
Size/MD5: 172052 84e4b88525b4ce0923c898264dbfea5a
Size/MD5: 172850 159e27770e6f51e03f5284ea7f5ca190
Size/MD5: 104626 e320d5a9527e39d1998f7212db15825e
Size/MD5: 36960 cdb428ea696ff7e0aaa972041839aef2
Size/MD5: 281970 80f4c670c5c142303b7da95ec7f86b25
Size/MD5: 142094 630a20d53c2ffe01b38c9c9e53badb37
sparc architecture (Sun SPARC/UltraSPARC):
Size/MD5: 804084 1025f38adde2a04a719393d5693dbd68
Size/MD5: 211136 73ae94138fb8b3e4dfbc1c9d5079a92c
Size/MD5: 206806 431b7e7e3462e125d141ee9ec55a7825
Size/MD5: 210416 a2ce963e90818b3093d990f4632c4e8a
Size/MD5: 172070 8335845d072dc411e8e670807dc7c604
Size/MD5: 172850 93e8d610d683005695699a153c40ce06
Size/MD5: 93966 87d7968cec960afde5f9996803ac8a8a
Size/MD5: 36956 585634ecaa1af88b1d92ab48feed15f7
Size/MD5: 268546 c2b2894973ed231bf0292100ca662ced
Size/MD5: 130872 f109c1fe224df9957a8837358365c750
Updated packages for Ubuntu 8.04 LTS:
Source archives:
Size/MD5: 135972 a2c9442eec99007779a145e71ba68b30
Size/MD5: 1381 54f6072ce246ebc26a350fb53e5c99bc
Size/MD5: 6125771 39a755eb0f584c279336387b321e3dfc
Architecture independent packages:
Size/MD5: 1928676 7231ea6584bc9b64c87d84a2fd7e5d00
Size/MD5: 72560 abbc80191e059fce87c599f947b3b402
Size/MD5: 6256206 e50391cd977f7df987c13e17bb163f8f
Size/MD5: 45482 a40b40465c3f99f1dd15f8bc85d24b23
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
Size/MD5: 252722 95177119382131308fb3dcf98507a15c
Size/MD5: 248352 20792be8ccf5b73e46ec4ca3f8c0726b
Size/MD5: 252114 3a45c61b120d53327f52b101da77fe8f
Size/MD5: 205226 1cdb16ee59e67550d536fc1ca2bf7576
Size/MD5: 205994 93adabf4102d299fb420a764a8cbfe33
Size/MD5: 141320 11fbd8d338da9da4fb2cfa47411e23b4
Size/MD5: 803332 f31a349c870550a044ac939c4876ead3
i386 architecture (x86 compatible Intel/AMD):
Size/MD5: 235638 840b0a0bd4399a9799da6f42df7ccbb4
Size/MD5: 231238 6a4d251375dc0f811f427ed3377ac0ab
Size/MD5: 234880 354e2a88b0dbc19a10a5294879a507b1
Size/MD5: 205234 21900ec04423fb920197870e470b9aa7
Size/MD5: 206016 8796b13fb273f61c6c7c4bfb9adbe6aa
Size/MD5: 140294 ea6f40b6c12c27851a9f4f1e88aed544
Size/MD5: 754978 2ba7c3f44c9a5ed197c932232dad4808
lpia architecture (Low Power Intel Architecture):
Size/MD5: 235176 6248fed01caabbfb4d70d0c13c7f17f5
Size/MD5: 230866 95f247897f3bd77ea304dfd6c9dfd85c
Size/MD5: 234344 987ff978cbacde11bc7353702973d125
Size/MD5: 205230 d7576f846491b2833c50f39cc1b0dc75
Size/MD5: 206002 0e1b63983e424122ed1d39826d76335c
Size/MD5: 140878 ce996c6cb3ec3552302869ae2256b20e
Size/MD5: 749176 d26c165846c36706ed1d7590a8be3f7b
powerpc architecture (Apple Macintosh G3/G4/G5):
Size/MD5: 253754 33add2865e4cd1c43a43895870454361
Size/MD5: 249222 538a952111c80146dd1887b556f7116b
Size/MD5: 253320 ad19124a89163a1f1d2212a3ac67a3fc
Size/MD5: 205240 46728c8422948938f06a02677c2a5c77
Size/MD5: 206016 05d6ac042561eb4ea302c90540c64528
Size/MD5: 158034 051b060ed2dd44f5271401e4acc2b9b4
Size/MD5: 905448 a839a4301bca447e91e58174aebad9be
sparc architecture (Sun SPARC/UltraSPARC):
Size/MD5: 237026 7f91acb658058ba572cfc7d223e9968c
Size/MD5: 232794 8af73b6967e695bfcbb900bf0423a366
Size/MD5: 236262 ca2efbd5beef24f97cc4e94f0d45e511
Size/MD5: 205236 11ce3c413997a7203a2b1ddf2c7b608c
Size/MD5: 206016 0b11cbb82ae743d2300a5da249af99a7
Size/MD5: 143500 00c0a815768281a1939510ecf16615bc
Size/MD5: 764418 f1356117d9a2825fc87cb91344704e03
Updated packages for Ubuntu 8.10:
Source archives:
Size/MD5: 132027 05239552b7a95f91eef1d7606ef280c4
Size/MD5: 1788 423154f094b3f5629e698638d9505a01
Size/MD5: 6396996 80d3754fc278338033296f0d41ef2c04
Architecture independent packages:
Size/MD5: 2041678 859eb46d09d45f53599d9d0a71f2fa89
Size/MD5: 6536854 e3572b1d683e4ee6967779dd07b637fd
Size/MD5: 45150 0ff7bf10b5bef6cf7258e6223f78736d
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
Size/MD5: 254642 9f3bb3444753ace1ca55651c68924739
Size/MD5: 248846 00267b5ab16a55aed008578fbdb24bed
Size/MD5: 254018 81085b6d61faeb846e94b1a3bf8eb6a2
Size/MD5: 208170 8e360619ff15112e636aaedc0340f1ee
Size/MD5: 84142 3eaf3d803d582d3eb6fb29a79251df69
Size/MD5: 82494 8f293a595f34d6710adb931d5dbcaf0f
Size/MD5: 209220 73d2d91d313b951f643bf413467c4e5a
Size/MD5: 147398 8a772d1dfdb49bae605bd7dee3f9f436
Size/MD5: 819864 42aeca74c2ee5d0f5a5a4e10037ece11
i386 architecture (x86 compatible Intel/AMD):
Size/MD5: 240962 6427fbd76596cbe52029e6ed5a7da703
Size/MD5: 235678 5155e38f8137c85b9c229b4eafa144e3
Size/MD5: 240298 9f4f26b4d98d8707e15b6b7d02430e5e
Size/MD5: 208190 f68c7d60a09d53af6a8c8640b05e4ad9
Size/MD5: 83572 dd5d339c3e3af404aa3ffd0904ec6c7c
Size/MD5: 81968 7c7775dc8c89c4f7aec5f8c8a5f26e60
Size/MD5: 209236 079855f2fdc6843758bcad41421a46ea
Size/MD5: 146240 0b7ff0f038c7c40d84a1f342a1bbefca
Size/MD5: 778084 226ed90dc2ba09af3a38dcc40b38d834
lpia architecture (Low Power Intel Architecture):
Size/MD5: 237982 7c7a5daf494862704d28d5c85d6c31cc
Size/MD5: 232612 96ea385cf513d314d8e84a4c442cc234
Size/MD5: 237230 4003bab7bbb427b1e9ec0e6d97c3e69b
Size/MD5: 208176 af28e327890eaddff4108231268eee6e
Size/MD5: 83530 4725b6872ac3ac9ad1ae62ba03592964
Size/MD5: 81950 adf39a429f5c04b6a5976c0b5ff30cd4
Size/MD5: 209232 477e0f43b36e9961c13b6c0fab7a0dc1
Size/MD5: 145928 6089cb1b3efa73128a00a237165076ea
Size/MD5: 766230 f876845ac3aae12ef2e0f36996531ef0
powerpc architecture (Apple Macintosh G3/G4/G5):
Size/MD5: 261150 afc86ac304cdc5af1550d346a8f8a3f9
Size/MD5: 255750 b301c6b3f3b4ae21e5ef5cb7ffb56683
Size/MD5: 260470 4c333c87af3a087faeec0da6a282295b
Size/MD5: 208184 94332d103f410b07c99d2f849e108ec6
Size/MD5: 84210 edb9eb638c12753a58a5d582ecaa60fa
Size/MD5: 82556 356606fd10fe199eda49ba3258de85e4
Size/MD5: 209232 0691c4dd34cb05a93799caa9929104d4
Size/MD5: 160676 43a1b64573dd41946dec05b7afeeccf8
Size/MD5: 925826 7a95a689bc4e8a0462e9d8e43ac88f5d
sparc architecture (Sun SPARC/UltraSPARC):
Size/MD5: 246372 db9d10ebc566f9f50210670fc8882819
Size/MD5: 240922 2b5b20a703e7f5d8fbc50fb1ee0b40f4
Size/MD5: 245692 76832085d1b4ffd02948c9ac7b92b54e
Size/MD5: 208196 f6355dfafe95b8915593d514d6ec4cdc
Size/MD5: 83754 2aa37c091a042bd92eea616af4eaa13d
Size/MD5: 82126 dae25ab8ca9612b725ea89fb22cee433
Size/MD5: 209240 a93acaff6c5151aeddbbdeb335a1c8da
Size/MD5: 150576 43675606769e8ea6cbc172bbdf31ea09
Size/MD5: 783584 323183add2eaf6e1360c9eefcf0d5f8a
Updated packages for Ubuntu 9.04:
Source archives:
Size/MD5: 135188 d64295fbf395fedc32558e37c89dd582
Size/MD5: 1795 45bf7dad8a81012c187e219c6c863c9d
Size/MD5: 6806786 03e0a99a5de0f3f568a0087fb9993af9
Architecture independent packages:
Size/MD5: 2218918 e157363876dbb978176c6ba59dc01d61
Size/MD5: 46278 58851aa10579254cdb4d9f89e8b597c5
Size/MD5: 6946286 067a7635b8627b031b9eb9cf0cc847bf
amd64 architecture (Athlon64, Opteron, EM64T Xeon):
Size/MD5: 258646 7446874f9db13dea5da20f225024f477
Size/MD5: 252848 823147209be87ff9322c276a8e2beace
Size/MD5: 258024 6bfdbf469c0b0ba45e543bf7688ac5ee
Size/MD5: 212932 aeeb0ccb1f8e72a15aaf08450a056c1c
Size/MD5: 213906 8621b4d1d85ab19f154a86ec465fa316
Size/MD5: 150776 f7def056c536f9b1a329a3b6fef43b7f
Size/MD5: 826672 e18163156730829c91161191ee00b340
Size/MD5: 87442 39f0e4aaf42e4bb049da17f26a0d9c25
Size/MD5: 85730 a11a39f7102937e5d00b03190ff42a60
i386 architecture (x86 compatible Intel/AMD):
Size/MD5: 245132 c7202ff8f066903e207ebff93557644a
Size/MD5: 239670 18279b3faf8344f9e7f903862114c998
Size/MD5: 244518 c24b66a4a61c2af8edf32b10867cf958
Size/MD5: 212922 a009d9ba9486ba53a3441ca2a48bc9d8
Size/MD5: 213898 6e26de281d137dfab7dbc700ca1f7eb5
Size/MD5: 149678 d4499d622b98d7a9ed3a1b700f954e95
Size/MD5: 783924 45fbb8ab4bfa3297b0e04231677f86a1
Size/MD5: 86818 9d01aae1849d4ccc93c64e7640912b64
Size/MD5: 85222 0a3f70a6697f945a1acec0629edd8586
lpia architecture (Low Power Intel Architecture):
Size/MD5: 242014 0b9676d42353eae308b923ac2c2172d7
Size/MD5: 236570 d42595dd3d5229a7db2f4a6b3047a372
Size/MD5: 241440 3cfa67183c677cc44fc9f0354231978b
Size/MD5: 212924 83433f6847c191927c8bb5234339416a
Size/MD5: 213902 4be2d9e80eabaea30169e3fa39ebe3d8
Size/MD5: 149396 20350717c1cebdf372f0d11d09374852
Size/MD5: 773130 cbed31d2962a5e0c77a400434f9b7ff4
Size/MD5: 86764 6a9b7a0a9015044fff19ff9bf479fbc3
Size/MD5: 85188 2d685381871858d3c685da5a2b44f0f7
powerpc architecture (Apple Macintosh G3/G4/G5):
Size/MD5: 265094 41f064e2daa4ddaf422bcd5013163c11
Size/MD5: 260042 f60b2311f40da9c254fc7583a6a4215a
Size/MD5: 264720 80ba36d44ae08be1f5593b9d60c873e9
Size/MD5: 212934 a35fed013193cf2d0c021baaac793a13
Size/MD5: 213912 d6f400db5f98bb345b063b5a191735fc
Size/MD5: 164086 36c7ab8da76606f2a1fa12328cd35123
Size/MD5: 932026 9a66083f7211f75a083c20a94efebf12
Size/MD5: 87516 8a913c9fd0b3f6e7c71cfb6ce6345702
Size/MD5: 85794 c74337f58c4bad32e2ca1349a182696a
sparc architecture (Sun SPARC/UltraSPARC):
Size/MD5: 250414 dd2f00b98a1089c03950010ee4feacdc
Size/MD5: 244704 9748c6a30dd03d7a94b7ee0e5cbbf37c
Size/MD5: 249756 68a0607bb1d915a1da034f3ecda6e492
Size/MD5: 212924 03ceb43c9e4494db9ce8e2375edadd5b
Size/MD5: 213900 c17c6bdc630a6229922c969f94988c32
Size/MD5: 153928 0109fff49b9f806f9de07f2fbac15945
Size/MD5: 788928 11998be7f1d0a6f1952646df23936645
Size/MD5: 87010 a87263816f682082b234a7b3421b3729
Size/MD5: 85318 a17451cf2fa5597b4bb6abb2145f2a55
Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.
Cloud Security Cryptography Desktop Security Firewall Government Hacks/Cracks IoT Security Network Security Organizations/Events Privacy Security Projects Security Trends Security Vulnerabilities Server Security Vendors/Products
Debian Debian LTS Fedora Gentoo Mageia Oracle openSUSE RockyLinux Slackware SuSE Ubuntu
Harden My Filesystem Learn Tips and Tricks Secure My E-mail Secure My Firewall Secure My Network Secure My Webserver Strengthen My Privacy
Best Secure Linux Distros for Enhanced Privacy & Security The Truth About Linux Malware & How to Protect Your System Is Linux A More Secure Option Than Windows For Businesses? How Secure Is Linux? Top Tips for Securing Your Linux System
Advertise Contribute Your Article Legal Notice RSS Feeds Contact Us Terms of Service Privacy Policy
Linux Security - Your source for Top Linux News, Advisories, HowTo's and Feature Release.
