lenny backports discontinued

Following the normal Debian Archive lenny-backports is now discontinued. That
means that no upload will be possible anymore and lenny-backports(-sloppy)
get moved to archive.debian.org. If you haven't updated yet - now is the time
to move to squeeze.

Some numbers about lenny-backports and lenny-backports-sloppy:

- Source packages: lenny-backports: 667 - sloppy: 21
- Uploads: lenny-backports: 1445 - sloppy: 51
- Contributors: lenny-backports: 146 - sloppy: 17

Without all those contributors lenny-backports wouldn't have been possible.
Thank you very much for your support!

Alex and Rhonda - backports.debian.org ftpmasters

P.S. and of course a big thanks to ganneff, without him we wouldn't be
able to run the dak monster :)

CVE-2012-1181

fcgid_spawn_ctl.c in the mod_fcgid module 2.3.6 for the Apache HTTP Server does not recognize the FcgidMaxProcessesPerClass directive for a virtual host, which makes it easier for remote attackers to cause a denial of service (memory consumption) via a series of HTTP requests that triggers a process count higher than the intended limit. (CVSS:5.0) (Last Update:2012-09-07)

CVE-2012-0612 (iphone_os, itunes, safari)

WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.

CVE-2012-0613 (iphone_os, itunes, safari)

WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.

CVE-2012-0614 (iphone_os, itunes, safari)

WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.

CVE-2012-0615 (iphone_os, itunes, safari)

WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.

CVE-2012-0617 (iphone_os, itunes, safari)

WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.

CVE-2012-0628 (iphone_os, itunes, safari)

WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.

CVE-2012-0618 (iphone_os, itunes, safari)

WebKit, as used in Apple iOS before 5.1 and iTunes before 10.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site, a different vulnerability than other WebKit CVEs listed in APPLE-SA-2012-03-07-1 and APPLE-SA-2012-03-07-2.