Package "apache2"
Name: |
apache2
|
Description: |
Apache HTTP Server
|
Latest version: |
2.4.7-1ubuntu4.22 |
Release: |
trusty (14.04) |
Level: |
security |
Repository: |
main |
Homepage: |
http://httpd.apache.org/ |
Links
Download "apache2"
Other versions of "apache2" in Trusty
Packages in group
Deleted packages are displayed in grey.
Changelog
apache2 (2.4.7-1ubuntu4.22) trusty-security; urgency=medium
* SECURITY UPDATE: mod_session expiry time issue
- debian/patches/CVE-2018-17199-pre1.patch: properly handle sessions
that could not be decoded in modules/session/mod_session.c.
- debian/patches/CVE-2018-17199.patch: always decode session attributes
early in modules/session/mod_session.c.
- CVE-2018-17199
* SECURITY UPDATE: mod_auth_digest access control bypass
- debian/patches/CVE-2019-0217.patch: fix a race condition in
modules/aaa/mod_auth_digest.c.
- CVE-2019-0217
* SECURITY UPDATE: URL normalization inconsistincy
- debian/patches/CVE-2019-0220-1.patch: merge consecutive slashes in
the path in include/http_core.h, include/httpd.h, server/core.c,
server/request.c, server/util.c.
- debian/patches/CVE-2019-0220-2.patch: fix r->parsed_uri.path safety
in server/request.c, server/util.c.
- debian/patches/CVE-2019-0220-3.patch: maintainer mode fix in
server/util.c.
- CVE-2019-0220
-- Marc Deslauriers <email address hidden> Wed, 03 Apr 2019 10:37:52 -0400
|
Source diff to previous version |
CVE-2018-17199 |
In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session. This causes session expir |
CVE-2019-0217 |
mod_auth_digest access control bypass |
CVE-2019-0220 |
Apache httpd URL normalization inconsistincy |
|
apache2 (2.4.7-1ubuntu4.20) trusty-security; urgency=medium
* SECURITY UPDATE: DoS via missing header with AuthLDAPCharsetConfig
- debian/patches/CVE-2017-15710.patch: fix language long names
detection as short name in modules/aaa/mod_authnz_ldap.c.
- CVE-2017-15710
* SECURITY UPDATE: incorrect <FilesMatch> matching
- debian/patches/CVE-2017-15715-pre.patch: add ap_cstr_casecmp[n]() to
include/httpd.h, server/util.c.
- debian/patches/CVE-2017-15715.patch: allow to configure
global/default options for regexes, like caseless matching or
extended format in include/ap_regex.h, server/core.c,
server/util_pcre.c.
- CVE-2017-15715
* SECURITY UPDATE: mod_session header manipulation
- debian/patches/CVE-2018-1283.patch: strip Session header when
SessionEnv is on in modules/session/mod_session.c.
- CVE-2018-1283
* SECURITY UPDATE: DoS via specially-crafted request
- debian/patches/CVE-2018-1301.patch: ensure that read lines are NUL
terminated on any error, not only on buffer full in
server/protocol.c.
- CVE-2018-1301
* SECURITY UPDATE: mod_cache_socache DoS
- debian/patches/CVE-2018-1303.patch: fix caching of empty headers up
to carriage return in modules/cache/mod_cache_socache.c.
- CVE-2018-1303
* SECURITY UPDATE: insecure nonce generation
- debian/patches/CVE-2018-1312.patch: actually use the secret when
generating nonces in modules/aaa/mod_auth_digest.c.
- CVE-2018-1312
-- Marc Deslauriers <email address hidden> Wed, 18 Apr 2018 11:13:36 -0400
|
Source diff to previous version |
CVE-2017-15710 |
In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, uses the Accept-La |
CVE-2017-15715 |
In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than |
CVE-2018-1283 |
In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a r |
CVE-2018-1301 |
A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is re |
CVE-2018-1303 |
A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing |
CVE-2018-1312 |
In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly g |
|
apache2 (2.4.7-1ubuntu4.17) trusty-security; urgency=medium
* SECURITY UPDATE: uninitialized memory reflection in mod_auth_digest
- debian/patches/CVE-2017-9788.patch: correct string scope in
modules/aaa/mod_auth_digest.c.
- CVE-2017-9788
-- Marc Deslauriers <email address hidden> Thu, 27 Jul 2017 10:34:31 -0400
|
Source diff to previous version |
CVE-2017-9788 |
In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or |
|
apache2 (2.4.7-1ubuntu4.16) trusty-security; urgency=medium
* SECURITY UPDATE: authentication bypass in ap_get_basic_auth_pw()
- debian/patches/CVE-2017-3167.patch: deprecate and replace
ap_get_basic_auth_pw in include/ap_mmn.h, include/http_protocol.h,
server/protocol.c, server/request.c.
- CVE-2017-3167
* SECURITY UPDATE: NULL pointer deref in ap_hook_process_connection()
- debian/patches/CVE-2017-3169.patch: fix ctx passed to
ssl_io_filter_error() in modules/ssl/ssl_engine_io.c.
- CVE-2017-3169
* SECURITY UPDATE: denial of service and possible incorrect value return
in HTTP strict parsing changes
- debian/patches/CVE-2017-7668.patch: short-circuit on NULL in
server/util.c.
- CVE-2017-7668
* SECURITY UPDATE: mod_mime DoS via crafted Content-Type response header
- debian/patches/CVE-2017-7679.patch: fix quoted pair scanning in
modules/http/mod_mime.c.
- CVE-2017-7679
-- Marc Deslauriers <email address hidden> Mon, 26 Jun 2017 08:04:58 -0400
|
CVE-2017-3167 |
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication p |
CVE-2017-3169 |
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_con |
CVE-2017-7668 |
The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to searc |
CVE-2017-7679 |
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Typ |
|
About
-
Send Feedback to @ubuntu_updates