Name : httpd Product : Fedora 21 Version : 2.4.10 Release : 15.fc21 URL : http://httpd.apache.org/ Summary : Apache HTTP Server Description : The Apache HTTP Server is a powerful, efficient, and extensible web server.
- core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704)
- mod_cache: fix NULL pointer dereference on empty Content-Type (CVE-2014-3581)
- mod_proxy_fcgi: fix a potential crash with long headers (CVE-2014-3583)
- mod_lua: fix handling of the Require line when a LuaAuthzProvider is used in multiple Require directives with different arguments (CVE-2014-8109)
* Wed Dec 17 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.10-15 - core: fix bypassing of mod_headers rules via chunked requests (CVE-2013-5704) - mod_cache: fix NULL pointer dereference on empty Content-Type (CVE-2014-3581) - mod_proxy_fcgi: fix a potential crash with long headers (CVE-2014-3583) - mod_lua: fix handling of the Require line when a LuaAuthzProvider is used in multiple Require directives with different arguments (CVE-2014-8109) * Tue Oct 14 2014 Joe Orton <jorton@redhat.com> - 2.4.10-14 - require apr-util 1.5.x * Thu Sep 18 2014 Jan Kaluza <jkaluza@redhat.com> - 2.4.10-13 - use NoDelay and DeferAcceptSec in httpd.socket ------------------------------------------------------------------------------- - References:
This update can be installed with the "yum" update program. Use su -c 'yum update httpd' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.