From 017517c5149c9bd579897b2752b7a28b14fa3e22 Mon Sep 17 00:00:00 2001 From: kuriyama Date: Tue, 25 Aug 2009 06:47:17 +0000 Subject: Add apache-2.2.12 fixes. --- security/vuxml/vuln.xml | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) (limited to 'security/vuxml') diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 10c6d9569507..0a3be05a4a3e 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,41 @@ Note: Please add new entries to the beginning of this file. --> + + apache22 -- several vulnerability + + + apache + 2.2.12 + + + + +

Apache ChangeLog reports:

+
CVE-2009-1891: Fix a potential Denial-of-Service attack against mod_deflate or other modules.
+
CVE-2009-1195: Prevent the "Includes" Option from being enabled in an .htaccess file if the AllowOverride restrictions do not permit it.
+
CVE-2009-1890: Fix a potential Denial-of-Service attack against mod_proxy in a reverse proxy configuration.
+
CVE-2009-1191: mod_proxy_ajp: Avoid delivering content from a previous request which failed to send a request body.
+
CVE-2009-0023, CVE-2009-1955, CVE-2009-1956: The bundled copy of the APR-util library has been updated, fixing three different security issues which may affect particular configurations and third-party modules (was already fixed in 2.2.11_5).
+

+ + + + CVE-2009-1891 + CVE-2009-1195 + CVE-2009-1890 + CVE-2009-1191 + CVE-2009-0023 + CVE-2009-1955 + CVE-2009-1956 + + + 2009-07-28 + 2009-08-25 + + + pidgin -- MSN overflow parsing SLP messages -- cgit