| |
|
|
Ubuntu Linux Information for VU#356409
Vendor Statement===========================================================Ubuntu Security Notice USN-80-1 February 11, 2005 libapache2-mod-python vulnerabilities CAN-2005-0088 =========================================================== A security issue affects the following Ubuntu releases: Ubuntu 4.10 (Warty Warthog) The following packages are affected: libapache2-mod-python2.2 libapache2-mod-python2.3 The problem can be corrected by upgrading the affected package to version 3.1.3-1ubuntu3.2. After a standard system upgrade you need to restart the Apache 2 web server using sudo /etc/init.d/apache2 restart to effect the necessary changes. Details follow: Graham Dumpleton discovered an information disclosure in the "publisher" handle of mod_python. By requesting a carefully crafted URL for a published module page, anybody can obtain extra information about internal variables, objects, and other information which is not intended to be visible. Source archives: http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-python/libapache2-mod-python_3.1.3-1ubuntu3.2.diff.gz Size/MD5: 24067 485183927dd680eedb351cedbd0bb882 http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-python/libapache2-mod-python_3.1.3-1ubuntu3.2.dsc Size/MD5: 806 3b141dd6a13c2abc0c1780ff8d9c34aa http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-python/libapache2-mod-python_3.1.3.orig.tar.gz Size/MD5: 293548 2e1983e35edd428f308b0dfeb1c23bfe Architecture independent packages: http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-python/libapache2-mod-python-doc_3.1.3-1ubuntu3.2_all.deb Size/MD5: 100700 6890472b77b13191bf5106123bbebc6c http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-python/libapache2-mod-python_3.1.3-1ubuntu3.2_all.deb Size/MD5: 12462 b48ab5f2c09c47bfe0c7c02243766c4f amd64 architecture (Athlon64, Opteron, EM64T Xeon) http://security.ubuntu.com/ubuntu/pool/universe/liba/libapache2-mod-python/libapache2-mod-python2.2_3.1.3-1ubuntu3.2_amd64.deb Size/MD5: 87564 e331d0cbb7aacadc64ef44d41d326587 http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-python/libapache2-mod-python2.3_3.1.3-1ubuntu3.2_amd64.deb Size/MD5: 87650 0dcbdb227cae1b4721c4b8e0454b4ea6 i386 architecture (x86 compatible Intel/AMD) http://security.ubuntu.com/ubuntu/pool/universe/liba/libapache2-mod-python/libapache2-mod-python2.2_3.1.3-1ubuntu3.2_i386.deb Size/MD5: 80502 003d29054ae210f2f81826bac8de7856 http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-python/libapache2-mod-python2.3_3.1.3-1ubuntu3.2_i386.deb Size/MD5: 80538 1813380c5c39583e9311e117f2823aca powerpc architecture (Apple Macintosh G3/G4/G5) http://security.ubuntu.com/ubuntu/pool/universe/liba/libapache2-mod-python/libapache2-mod-python2.2_3.1.3-1ubuntu3.2_powerpc.deb Size/MD5: 85218 d56d5f3a5cda43096dda9d1d7fc3fc0b http://security.ubuntu.com/ubuntu/pool/main/liba/libapache2-mod-python/libapache2-mod-python2.3_3.1.3-1ubuntu3.2_powerpc.deb Size/MD5: 85350 9df8b87f95570137d2402818a252b38d Vendor InformationThe vendor has not provided us with any further information regarding this vulnerability.AddendumUS-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us
email. |
 | |||||||||||||||||||
 |
||||||||||||||||||||||
