The following issue has been CLOSED ====================================================================== https://www.opencsw.org/mantis/view.php?id=5142 ====================================================================== Reported By: burger99 Assigned To: dam ====================================================================== Project: apache2 Issue ID: 5142 Category: upgrade Reproducibility: N/A Severity: minor Priority: normal Status: closed Resolution: open Fixed in Version: ====================================================================== Date Submitted: 2014-01-20 13:00 CET Last Modified: 2014-02-22 11:38 CET ====================================================================== Summary: Security issues Description: mod_rewrite.c in the mod_rewrite module in the Apache HTTP Server 2.2.x before 2.2.25 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator.
Newest version available is 2.2.26 ====================================================================== ---------------------------------------------------------------------- (0010730) dam (administrator) - 2014-02-22 11:38 https://www.opencsw.org/mantis/view.php?id=5142#c10730 ---------------------------------------------------------------------- Apache 2.2.26,REV=2014.02.07 has been pushed to unstable/.