Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
packages/net/apache
History
Sebastian Kemper f5a57e42ca apache: security bump to 2.4.46 
From CHANGES_2.4:

SECURITY: CVE-2020-11984 (cve.mitre.org)
  mod_proxy_uwsgi: Malicious request may result in information disclosure
  or RCE of existing file on the server running under a malicious process
  environment. [Yann Ylavic]

SECURITY: CVE-2020-11993 (cve.mitre.org)
  mod_http2: when throttling connection requests, log statements
  where possibly made that result in concurrent, unsafe use of
  a memory pool. [Stefan Eissing]

SECURITY:
  mod_http2: a specially crafted value for the 'Cache-Digest' header
  request would result in a crash when the server actually tries
  to HTTP/2 PUSH a resource afterwards.
  [Stefan Eissing, Eric Covener, Christophe Jaillet]

Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
2020-08-08 16:19:45 +02:00
..
files apache: create log directory o= 2020-08-08 16:19:10 +02:00
patches apache: bump to 2.4.41 & sync with master 2020-02-08 22:14:48 +01:00
Makefile apache: security bump to 2.4.46 2020-08-08 16:19:45 +02:00