apache2.4.29-1ubuntu4.13

Asked by Jerry Virden on 2020-03-25

I have this patch installed: apache2.4.29-1ubuntu4.13. I need to know for security audit if this patch fixes the issue with CVE-2019-9517.

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu apache2 Edit question
Assignee:
No assignee Edit question
Last query:
2020-03-25
Last reply:
2020-03-25
Manfred Hampl (m-hampl) said : #1

From the changelog:

2.4.29-1ubuntu4.13
...
2.4.29-1ubuntu4.12
...
2.4.29-1ubuntu4.11
...
2.4.29-1ubuntu4.10
Superseded in bionic-updates on 2019-09-17
Superseded in bionic-security on 2019-09-17
apache2 (2.4.29-1ubuntu4.10) bionic-security; urgency=medium

  * SECURITY UPDATE: HTTP/2 internal data buffering denial of service.
    - d/p/mod_http2-1.15.4-backport-0004-CVE-2019-9517.patch: improve
      http/2 module keepalive throttling.
    - CVE-2019-9517

Can you help with this problem?

Provide an answer of your own, or ask Jerry Virden for more information if necessary.

To post a message you must log in.