This bug was fixed in the package apache2 - 2.2.14-2ubuntu1
---------------
apache2 (2.2.14-2ubuntu1) lucid; urgency=low
* Merge from debian testing, remaining changes:
- debian/{control, rules}: Enable PIE hardening.
- debian/{control, rules, pache2.2-common.ufw.profile}: Add ufw profiles.
- debian/conrol: Add bzr tag and point it to our tree.
- removed debian/patches/203_fix_legacy_ap_rputs_segfaults.dpatch: it was
already dropped from 00list, so just remove the patch entirely
apache2 (2.2.14-2) unstable; urgency=medium
* Security:
Reject any client-initiated SSL/TLS renegotiations. This is a partial fix
for the TLS renegotiation prefix injection attack (CVE-2009-3555).
Any configuration which requires renegotiation for per-directory/location
access control is still vulnerable.
* Allow RemoveType to override the types from /etc/mime.types. This allows
to use .es and .tr for Spanish and Turkish files in mod_negotiation.
Closes: #496080
* Fix 'CacheEnable disk http://'. Closes: #442266
* Fix missing dependency by changing killall to pkill in the init script.
LP: #460692
* Add X-Interactive header to init script as it may ask for the ssl key
passphrase. Closes: #554824
* Move httxt2dbm man page into apache2.2-bin, which includes httxt2dbm, too.
* Enable keepalive for MSIE 7 and newer in default-ssl site and README.Debian
-- Jamie Strandboge <ja...@ubuntu.com> Thu, 12 Nov 2009 16:09:30 -0600
** Changed in: apache2 (Ubuntu)
Status: Triaged => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2009-3555
--
Missing dependency for apache2 init script
https://bugs.launchpad.net/bugs/460692
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
