CVE-2011-3607 is fixed upstream in trunk, but not yet released: http://svn.apache.org/viewvc?view=revision&revision=1198940
Another CVE-2011-4415 was assigned by mitre to the resource consumption, NULL-dereference issue ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-4415 -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to apache2 in Ubuntu. https://bugs.launchpad.net/bugs/811422 Title: Exploitable integer overflow on x86 in mod SetEnvIf, leading to buffer overwrite To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/811422/+subscriptions -- Ubuntu-server-bugs mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
