UbuntuUpdates.org

Package "pound"

Name: pound

Description:

reverse proxy, load balancer and HTTPS front-end for Web servers

Latest version: 2.6-6.1ubuntu0.1
Release: xenial (16.04)
Level: updates
Repository: universe
Homepage: http://www.apsis.ch/pound/

Links


Download "pound"


Other versions of "pound" in Xenial

Repository Area Version
base universe 2.6-6.1
security universe 2.6-6.1ubuntu0.1

Changelog

Version: 2.6-6.1ubuntu0.1 2021-01-25 15:06:55 UTC

  pound (2.6-6.1ubuntu0.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Request smuggling
    - debian/patches/0009-CVE-2016-10711-CVE-2018-21245.patch: avoid
      request smuggling in http.c.
    - CVE-2016-10711
    - CVE-2018-21245

 -- Leonidas Da Silva Barbosa <email address hidden> Wed, 20 Jan 2021 15:58:50 -0300

CVE-2016-10711 Apsis Pound before 2.8a allows request smuggling via crafted headers, a different vulnerability than CVE-2005-3751.
CVE-2018-21245 Pound before 2.8 allows HTTP request smuggling, a related issue to CVE-2016-10711.



About   -   Send Feedback to @ubuntu_updates