libapreq2-2.15 Released
The Apache Software Foundation and The Apache HTTP Server Project
are pleased to announce the 2.15 release of libapreq2. This
Announcement notes significant changes introduced by this release.
libapreq2-2.15 is released under the Apache License
version 2.0. It is
CVE-2019-12412: libapreq2 null pointer dereference
Severity: important
Vendor: The Apache Software Foundation
Versions Affected:
libapreq2 2.07 to 2.13
Description:
In libapreq2 versions 2.07 through 2.13 inclusive, a flaw in the
multipart parser can deference a null pointer leading to a proce
Thanks, Joe, for your efforts with this release!
Should there be a v2_15 tag in http://svn.apache.org/viewvc/httpd/apreq/tags/ ?
FWIW, I successfully compiled and tested it with Apache httpd 2.4.41 and
mod_perl 2.0.11 on CentOS 6.10.
My httpd and mod_perl are 32-bit/i686 for silly legacy reason
