UbuntuUpdates.org

Package "lighttpd-mod-maxminddb"

Name: lighttpd-mod-maxminddb

Description:

GeoIP2 info module for lighttpd

Latest version: 1.4.63-1ubuntu3.1
Release: jammy (22.04)
Level: security
Repository: universe
Head package: lighttpd
Homepage: https://www.lighttpd.net/

Links


Download "lighttpd-mod-maxminddb"


Other versions of "lighttpd-mod-maxminddb" in Jammy

Repository Area Version
base universe 1.4.63-1ubuntu3
updates universe 1.4.63-1ubuntu3.1

Changelog

Version: 1.4.63-1ubuntu3.1 2023-02-27 22:06:53 UTC

  lighttpd (1.4.63-1ubuntu3.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds Write
    - debian/patches/CVE-2022-22707.patch: mod_extforward_Forwarded function
      of the mod_extforward plugin has a stack-based buffer overflow.
      (LP: #1994989)
    - CVE-2022-22707
  * SECURITY UPDATE: Resource leak
    - debian/patches/CVE-2022-41556.patch: Resource leak in gw_backend.c.
    - CVE-2022-41556

 -- Jack Fewx <email address hidden> Mon, 13 Feb 2023 21:33:26 -0600

1994989 lighttpd CVE-2022-22707
CVE-2022-22707 In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes repr
CVE-2022-41556 A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount



About   -   Send Feedback to @ubuntu_updates