Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3ad88aed by Salvatore Bonaccorso at 2024-04-27T20:53:30+02:00
Align note for CVE-2024-24795 with previous one
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6833,7 +6833,8 @@ CVE-2024-24795 (HTTP Response splitting in multiple
modules in Apache HTTP Serve
NOTE:
https://github.com/apache/httpd/commit/a29723ce1af75eed0813c3717d3f6dee9b405ca8
NOTE: Fix will trigger a regression at least in fossil see
https://bz.apache.org/bugzilla/show_bug.cgi?id=68905
NOTE: Fossil fix here: https://fossil-scm.org/home/info/f4ffefe708793b03
- NOTE: uwsgi include sources of uwgi apache2 module. Since buster we
compile the uwsgi module of apache2 source package.
+ NOTE: uwsgi since 2.0.15-11 drops building the
libapache2-mod-proxy-uwsgi{,-dbg}
+ NOTE: packages which are provided by src:apache2 itself.
NOTE: https://github.com/unbit/uwsgi/issues/2635
CVE-2023-38709 (Faulty input validation in the core of Apache allows malicious
or expl ...)
{DSA-5662-1}
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ad88aeda9ffec19bf9cf27c1c91e174e057d88f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ad88aeda9ffec19bf9cf27c1c91e174e057d88f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
