This bug was fixed in the package apache2 - 2.4.7-1ubuntu4.13
---------------
apache2 (2.4.7-1ubuntu4.13) trusty-security; urgency=medium
* SECURITY UPDATE: proxy request header vulnerability (httpoxy)
- debian/patches/CVE-2016-5387.patch: don't pass through HTTP_PROXY in
server/util_script.c.
- CVE-2016-5387
* This update does _not_ contain the changes from (2.4.7-1ubuntu4.12) in
trusty-proposed.
-- Marc Deslauriers <[email protected]> Thu, 14 Jul 2016
08:40:55 -0400
** Changed in: apache2 (Ubuntu Trusty)
Status: Incomplete => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5387
--
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to apache2 in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/1394403
Title:
RewriteRule of "^$" is broken
To manage notifications about this bug go to:
https://bugs.launchpad.net/apache2/+bug/1394403/+subscriptions
--
Mailing list: https://launchpad.net/~enterprise-support
Post to : [email protected]
Unsubscribe : https://launchpad.net/~enterprise-support
More help : https://help.launchpad.net/ListHelp
