Stefan Fritsch pushed to branch master at Debian Security Tracker / security-tracker
Commits: 0da4e696 by Stefan Fritsch at 2018-03-31T14:34:23+02:00 note apache2 fixes - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -20917,7 +20917,7 @@ CVE-2018-1314 CVE-2018-1313 RESERVED CVE-2018-1312 (In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest ...) - - apache2 <unfixed> + - apache2 2.4.33-1 NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/7 CVE-2018-1311 RESERVED @@ -20958,16 +20958,16 @@ CVE-2018-1304 (The URL pattern of "" (the empty string) which exactly NOTE: https://svn.apache.org/r1823309 (7.0.x) NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62067 CVE-2018-1303 (A specially crafted HTTP request header could have crashed the Apache ...) - - apache2 <unfixed> + - apache2 2.4.33-1 NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/3 CVE-2018-1302 (When an HTTP/2 stream was destroyed after being handled, the Apache ...) - - apache2 <unfixed> + - apache2 2.4.33-1 [jessie] - apache2 <not-affected> (Vulnerable code not present) [wheezy] - apache2 <not-affected> (Vulnerable code not present) NOTE: HTTP/2 support introduced in 2.4.17 NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/5 CVE-2018-1301 (A specially crafted request could have crashed the Apache HTTP Server ...) - - apache2 <unfixed> + - apache2 2.4.33-1 NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/2 CVE-2018-1300 RESERVED @@ -21020,7 +21020,7 @@ CVE-2018-1285 CVE-2018-1284 RESERVED CVE-2018-1283 (In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to ...) - - apache2 <unfixed> + - apache2 2.4.33-1 NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/4 CVE-2018-1282 RESERVED @@ -28835,7 +28835,7 @@ CVE-2017-15717 (A flaw in the way URLs are escaped and encoded in the ...) CVE-2017-15716 RESERVED CVE-2017-15715 (In Apache httpd 2.4.0 to 2.4.29, the expression specified in ...) - - apache2 <unfixed> + - apache2 2.4.33-1 NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/6 CVE-2017-15714 (The BIRT plugin in Apache OFBiz 16.11.01 to 16.11.03 does not escape ...) NOT-FOR-US: BIRT plugin in Apache OFBiz @@ -28846,7 +28846,7 @@ CVE-2017-15712 (Vulnerability allows a user of Apache Oozie 3.1.3-incubating to CVE-2017-15711 REJECTED CVE-2017-15710 (In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to ...) - - apache2 <unfixed> + - apache2 2.4.33-1 NOTE: http://www.openwall.com/lists/oss-security/2018/03/24/8 CVE-2017-15709 (When using the OpenWire protocol in ActiveMQ versions 5.14.0 to 5.15.2 ...) - activemq 5.15.3-1 (bug #890352) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0da4e6969363e63357348d440c46929598405c87 --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0da4e6969363e63357348d440c46929598405c87 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits