The following issue requires your FEEDBACK. ====================================================================== https://www.opencsw.org/mantis/view.php?id=5142 ====================================================================== Reported By: burger99 Assigned To: dam ====================================================================== Project: apache2 Issue ID: 5142 Category: upgrade Reproducibility: N/A Severity: minor Priority: normal Status: feedback ====================================================================== Date Submitted: 2014-01-20 13:00 CET Last Modified: 2014-02-03 17:06 CET ====================================================================== Summary: Security issues Description: mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
Newest version available is 2.2.26 ====================================================================== ---------------------------------------------------------------------- (0010697) dam (administrator) - 2014-02-03 17:06 https://www.opencsw.org/mantis/view.php?id=5142#c10697 ---------------------------------------------------------------------- I made an experimental package which will show up soon here: http://buildfarm.opencsw.org/experimental.html#apache-2.2.26 Please give it a try and let me know if you are happy with it.
