Debian
apache2 package

apache2 2.4.10-10+deb8u12 source package in Debian

Changelog

apache2 (2.4.10-10+deb8u12) jessie-security; urgency=medium

  * CVE-2017-15710: mod_authnz_ldap: Out of bound write in mod_authnz_ldap
    when using too small Accept-Language values.
  * CVE-2017-15715: <FilesMatch> bypass with a trailing newline in the file
    name.
    Configure the regular expression engine to match '$' to the end of
    the input string only, excluding matching the end of any embedded
    newline characters. Behavior can be changed with new directive
    'RegexDefaultOptions'.
  * CVE-2018-1283: Tampering of mod_session data for CGI applications.
  * CVE-2018-1301: Possible out of bound access after failure in reading the
    HTTP request
  * CVE-2018-1303: Possible out of bound read in mod_cache_socache
  * CVE-2018-1312: mod_auth_digest: Weak Digest auth nonce generation

 -- Stefan Fritsch <email address hidden>  Sat, 31 Mar 2018 11:31:57 +0200

Upload details

Uploaded by:
Debian Apache Maintainers
Uploaded to:
Jessie
Original maintainer:
Debian Apache Maintainers
Architectures:
any all
Section:
httpd
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section
Jessie release main httpd

Builds

Downloads

File Size SHA-256 Checksum
apache2_2.4.10-10+deb8u12.dsc 3.2 KiB 0b9a1f7b5e6172b5466ae787bc338bb6668d74d39440b1af90d86894dac7a44b
apache2_2.4.10.orig.tar.bz2 4.8 MiB 176c4dac1a745f07b7b91e7f4fd48f9c48049fa6f088efe758d61d9738669c6a
apache2_2.4.10-10+deb8u12.debian.tar.xz 553.1 KiB bf3800808974abdf5feabb799bf138370711c05c5344d4f9c3638b63fd9229a7

No changes file available.

Binary packages built by this source