https://issues.apache.org/bugzilla/show_bug.cgi?id=52774
Kaspar Brand <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Version|2.2.14 |2.2.22 --- Comment #5 from Kaspar Brand <[email protected]> 2012-03-07 08:21:36 UTC --- (In reply to comment #4) > 2012-02-20.111132.log:apache2 (2.2.14-5ubuntu8.7) to 2.2.14-5ubuntu8.8 > > Obviously, my configuration broke on 2012-02-20. The reason is most likely this (from http://changelogs.ubuntu.com/changelogs/pool/main/a/apache2/apache2_2.2.14-5ubuntu8.8/changelog): * SECURITY UPDATE: another mod_proxy reverse proxy exposure - debian/patches/216_CVE-2011-4317.dpatch: validate additional URIs in modules/mappers/mod_rewrite.c, modules/proxy/mod_proxy.c, server/protocol.c. - CVE-2011-4317 I'm tentatively setting the version to 2.2.22, as this is the official release with the fix for CVE-2011-4317 (see r1235443). -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
