diff options
| author | Patrick J Volkerding <volkerdi@slackware.com> | 2022-06-08 19:15:34 +0000 |
|---|---|---|
| committer | Eric Hameleers <alien@slackware.com> | 2022-06-09 13:30:28 +0200 |
| commit | 348dffe043c24552437ca1408bc83fb20db9774b (patch) | |
| tree | 0e3d52595ef4b81132c28a470082acd8bad82f56 /patches | |
| parent | b9f4e8dc0eff328898247502d52d5cb9b08272fa (diff) | |
| download | current-348dffe043c24552437ca1408bc83fb20db9774b.tar.gz | |
Wed Jun 8 19:15:34 UTC 202220220608191534_15.0
patches/packages/httpd-2.4.54-x86_64-1_slack15.0.txz: Upgraded.
This update fixes bugs and the following security issues:
mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism.
Information Disclosure in mod_lua with websockets.
mod_sed denial of service.
Denial of service in mod_lua r:parsebody.
Read beyond bounds in ap_strcmp_match().
Read beyond bounds via ap_rwrite().
Read beyond bounds in mod_isapi.
mod_proxy_ajp: Possible request smuggling.
For more information, see:
https://downloads.apache.org/httpd/CHANGES_2.4.54
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31813
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30556
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30522
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29404
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28615
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28614
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-28330
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26377
(* Security fix *)
Diffstat (limited to 'patches')
| -rw-r--r-- | patches/packages/httpd-2.4.54-x86_64-1_slack15.0.txt (renamed from patches/packages/httpd-2.4.53-x86_64-1_slack15.0.txt) | 0 |
1 files changed, 0 insertions, 0 deletions
diff --git a/patches/packages/httpd-2.4.53-x86_64-1_slack15.0.txt b/patches/packages/httpd-2.4.54-x86_64-1_slack15.0.txt index 3185f84d..3185f84d 100644 --- a/patches/packages/httpd-2.4.53-x86_64-1_slack15.0.txt +++ b/patches/packages/httpd-2.4.54-x86_64-1_slack15.0.txt |