This vulnerability doesn't affect Apache 2.4, which is in saucy. Marking
as invalid for saucy.
** Changed in: apache2 (Ubuntu Saucy)
Status: Confirmed = Invalid
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
This bug was fixed in the package apache2 - 2.2.22-1ubuntu1.4
---
apache2 (2.2.22-1ubuntu1.4) precise-security; urgency=low
* SECURITY UPDATE: log file poisoning via mod_rewrite (LP: #1188069)
- debian/patches/CVE-2013-1862.patch: properly escape items in
This bug was fixed in the package apache2 - 2.2.22-6ubuntu5.1
---
apache2 (2.2.22-6ubuntu5.1) raring-security; urgency=low
* SECURITY UPDATE: log file poisoning via mod_rewrite (LP: #1188069)
- debian/patches/CVE-2013-1862.patch: properly escape items in
This bug was fixed in the package apache2 - 2.2.22-6ubuntu2.3
---
apache2 (2.2.22-6ubuntu2.3) quantal-security; urgency=low
* SECURITY UPDATE: log file poisoning via mod_rewrite (LP: #1188069)
- debian/patches/CVE-2013-1862.patch: properly escape items in
This bug was fixed in the package apache2 - 2.2.14-5ubuntu8.12
---
apache2 (2.2.14-5ubuntu8.12) lucid-security; urgency=low
* SECURITY UPDATE: log file poisoning via mod_rewrite (LP: #1188069)
- debian/patches/CVE-2013-1862.dpatch: properly escape items in
Debian security tracker:
https://security-tracker.debian.org/tracker/CVE-2013-1862
** Information type changed from Public to Public Security
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
** Tags added: security
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/1188069
Title:
apache2 mod_rewrite CVE 2013-1862
To manage notifications about this bug go to:
We are tracking this issue here:
http://people.canonical.com/~ubuntu-security/cve/?cve=CVE-2013-1862
Since this issue has been rated as having a low priority, we will not
be releasing a security update until more important issues are found, at
which point the security update will bundle them.