Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4bb89b27 by Salvatore Bonaccorso at 2019-01-23T20:38:55Z
Add Debian bug reference for CVE-2018-17199/apache2
- - - - -
60fde9eb by Salvatore Bonaccorso at 2019-01-23T20:39:49Z
Add Debian bug reference for CVE-2018-17189/apache2
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -23037,7 +23037,7 @@ CVE-2018-17200
RESERVED
CVE-2018-17199 [mod_session_cookie does not respect expiry time]
RESERVED
- - apache2 <unfixed>
+ - apache2 <unfixed> (bug #920303)
NOTE: https://www.openwall.com/lists/oss-security/2019/01/22/3
CVE-2018-17198
RESERVED
@@ -23064,7 +23064,7 @@ CVE-2018-17190 (In all versions of Apache Spark, its
standalone resource manager
NOT-FOR-US: Apache Spark
CVE-2018-17189 [mod_http2, DoS via slow, unneeded request bodies]
RESERVED
- - apache2 <unfixed>
+ - apache2 <unfixed> (bug #920302)
[jessie] - apache2 <not-affected> (Vulnerable code not present)
NOTE: HTTP/2 support introduced in 2.4.17
NOTE: https://www.openwall.com/lists/oss-security/2019/01/22/2
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/b6a01eb4ffe7d62fb8ca6facf83bc6f6bcdda6f7...60fde9eb2debec8beda884b2e2c8afe361d182eb
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/compare/b6a01eb4ffe7d62fb8ca6facf83bc6f6bcdda6f7...60fde9eb2debec8beda884b2e2c8afe361d182eb
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
