-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 --------------------------------------------------------------------------
   Turbolinux Security Advisory TLSA-2006-20
   http://www.turbolinux.co.jp/security/
                                             security-team@turbolinux.co.jp
 --------------------------------------------------------------------------

 Original released date: 07 Aug 2006
 Last revised: 07 Aug 2006

 Package: httpd

 Summary: Buffer overflow

 More information:
    Apache is a powerful, full-featured, efficient, and freely-available
    Web server. Apache is also the most popular Web server on the Internet.

    A off-by-one buffer overflow vulnerability exists in httpd.

 Impact:
    This vulnerability may allow remote attackers to cause a denial of service.

 Affected Products:
    - Turbolinux Appliance Server 2.0
    - Turbolinux FUJI
    - Turbolinux 10 Server x64 Edition
    - Turbolinux 10 Server
    - Turbolinux Home
    - Turbolinux 10 F...
    - Turbolinux 10 Desktop
    - Turbolinux Multimedia
    - Turbolinux Personal


 <Turbolinux Appliance Server 2.0>

   Source Packages
   Size: MD5

   httpd-2.0.51-21.src.rpm
      6850205 f7e98935ba8c745fcd5f98b1b7503898

   Binary Packages
   Size: MD5

   httpd-2.0.51-21.i586.rpm
      1032629 20259b917e828c800a70b8f71cf3eed0
   httpd-devel-2.0.51-21.i586.rpm
       224357 4c3020beb068a0f0d2fa975787aea5a3
   httpd-manual-2.0.51-21.i586.rpm
      1131979 ce47d233a8d26ae5a5fe515103b0c540
   mod_ssl-2.0.51-21.i586.rpm
        88604 a5199bfe84fcadb1286134cf22626964

 <Turbolinux FUJI>

   Source Packages
   Size: MD5

   httpd-2.0.54-11.src.rpm
      7617752 ad13cb4430bfcbe8b2196139d69b7aa2

   Binary Packages
   Size: MD5

   httpd-2.0.54-11.i686.rpm
      1266818 2611fb3f1ab2b8fb5ee0f8ed8bb0eb19
   httpd-devel-2.0.54-11.i686.rpm
       276039 d0e4e31806f2aec10649be197df265a8

 <Turbolinux 10 Server x64 Edition> 

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/SRPMS/httpd-2.0.51-23.src.rpm
      6850200 0fcc20f7e1915bec3306acaa4b285691

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/httpd-2.0.51-23.x86_64.rpm
      1143010 132969668365aea3b2017a270373e038
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/httpd-debug-2.0.51-23.x86_64.rpm
      3224464 ac4b97c8e97ae6debf1e61885787efb0
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/httpd-devel-2.0.51-23.x86_64.rpm
       224403 74acae04fba4eebc21745bc37a9b99ae
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/httpd-manual-2.0.51-23.x86_64.rpm
      1133093 53553a147c4e998feb5256750ff279bb
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/mod_bwshare-2.0.51-23.x86_64.rpm
        41386 ae70bd63e03bdcaf049399711ce233ba
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/x64/Server/10/updates/RPMS/mod_ssl-2.0.51-23.x86_64.rpm
        96166 4b6111bb073a0453b04257118ea1178e

 <Turbolinux 10 Server>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/SRPMS/httpd-2.0.51-23.src.rpm
      6850200 f77a5c3d433a21170499ce27b557dd71

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/httpd-2.0.51-23.i586.rpm
      1032473 e9683b6aed0906fae01d291f62ecb064
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/httpd-debug-2.0.51-23.i586.rpm
      3242439 823bd2e0dd260b9da91c634d36b2200f
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/httpd-devel-2.0.51-23.i586.rpm
       224289 0ebe56285609800c41583e2b197b864c
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/httpd-manual-2.0.51-23.i586.rpm
      1133037 ea73bf89e7454a40e31c21b8d07d9e3b
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/mod_bwshare-2.0.51-23.i586.rpm
        40613 5616d63a0333b04ede0464bf7ba3e546
   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Server/10/updates/RPMS/mod_ssl-2.0.51-23.i586.rpm
        88563 c76b8f6c72d2399d62ba195256aac673

 <Turbolinux 10 Desktop, Turbolinux 10 F..., Turbolinux Home, Turbolinux Multimedia, Turbolinux Personal>

   Source Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/SRPMS/httpd-2.0.48-19.src.rpm
      6320825 7b4112ddad0b90c4190cda0772908839

   Binary Packages
   Size: MD5

   ftp://ftp.turbolinux.co.jp/pub/TurboLinux/TurboLinux/ia32/Desktop/10/updates/RPMS/httpd-2.0.48-19.i586.rpm
       893101 d522c6c1e9df3d17b7f848986195c72a


 CVE
   [CVE-2006-3437]
   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3437

 --------------------------------------------------------------------------
 Revision History
    07 Aug 2006 Initial release
 --------------------------------------------------------------------------

 Copyright(C) 2006 Turbolinux, Inc. All rights reserved. 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)

iD8DBQFE1xpPK0LzjOqIJMwRAoQFAJ4yMn8FJKbL+5P1WnIrpo8PqNZougCfcxN5
HXxUI9k7NfMelO5TypsARms=
=xZL8
-----END PGP SIGNATURE-----