-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.6
Date: Sat, 26 Oct 2002 11:18:13 +0200
Source: apache-ssl
Binary: apache-ssl
Architecture: i386
Version: 1.3.9.13-4.2
Distribution: oldstable-security
Urgency: high
Maintainer: Debian/i386 Build Daemon <buildd@cyberhqz.com>
Description: 
 apache-ssl - Versatile, high-performance HTTP server with SSL support
Changes: 
 apache-ssl (1.3.9.13-4.2) oldstable-security; urgency=high
 .
   * Non-maintainer upload by the Security Team
   * Backport security fixes from 1.3.27 for the following issues:
     - CAN-2002-0839 (shared memory scoreboard uid/gid)
     - CAN-2002-0840 (cross-site scripting in error page)
     - CAN-2002-0843 (buffer overflows in ApacheBench ab.c)
   * Fix insecure temporary file creation in htpasswd and htdigest
   * Added another fix against two overflowed buffer in the htdigest
     program
   * Backported security patch from 1.3.13 that fixes a bug in mod_rewrite
     that enables an attacker to be able to access any file on the web
     server.
Files: 
 06e8c865ae2e345ee0d0c79e784d4882 407672 non-us/main optional apache-ssl_1.3.9.13-4.2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE9uoFtW5ql+IAeqTIRAlGvAJ4rtpAUnMUrxHQyivrp7TP4LL+T+ACeJNne
VnkeDVHPThg1JeD3DFBuFww=
=7sY4
-----END PGP SIGNATURE-----