%package apache-base apache-devel apache-htcacheclean apache-mod_authn_dbd apache-mod_cache apache-mod_dav apache-mod_dbd apache-mod_deflate apache-mod_disk_cache apache-mod_file_cache apache-mod_ldap apache-mod_mem_cache apache-mod_proxy apache-mod_proxy_ajp apache-mod_ssl apache-modules apache-mod_userdir apache-mpm-event apache-mpm-itk apache-mpm-peruser apache-mpm-prefork apache-mpm-worker apache-source
Update: Thu Apr 30 18:58:44 2009
Importance: security
ID: MDVSA-2009:102
URL: http://www.mandriva.com/security/advisories?name=MDVSA-2009:102

%pre
A vulnerability has been found and corrected in apache:

mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server
2.2.11 allows remote attackers to obtain sensitive response data,
intended for a client that sent an earlier POST request with no
request body, via an HTTP request (CVE-2009-1191).

This update provides fixes for that vulnerability.

%description
This package contains the main binary of apache, a powerful, full-featured,
efficient and freely-available Web server. Apache is also the most popular Web
server on the Internet.

This version of apache is fully modular, and many modules are available in
pre-compiled formats, like PHP and mod_auth_external.

Check for available Apache modules for Mandriva Linux at:
http://nux.se/apache/
(most of them can be installed from the contribs repository)

This package defaults to a maximum of 128 dynamically loadable modules.
This package defaults to a ServerLimit of 1024.

You can change these values at RPM build time by using for example:

--define 'maxmodules 512' --define 'serverlimit 2048'

The package was built to support a maximum of 128 dynamically loadable modules.
The package was built with a ServerLimit of 1024.