CVE-2011-3607 is fixed upstream in trunk, but not yet released: http://svn.apache.org/viewvc?view=revision&revision=1198940
Another CVE-2011-4415 was assigned by mitre to the resource consumption, NULL-dereference issue ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-4415 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/811422 Title: Exploitable integer overflow on x86 in mod SetEnvIf, leading to buffer overwrite To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/811422/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
