drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Prüfung von Umgebungsvariablen in lighttpd
Name: |
Mangelnde Prüfung von Umgebungsvariablen in lighttpd |
|
ID: |
FEDORA-2016-9de7253cc7 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 23 |
|
Datum: |
Mi, 10. August 2016, 13:30 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000212 |
|
Applikationen: |
lighttpd |
|
Originalnachricht |
Name : lighttpd Product : Fedora 23 Version : 1.4.41 Release : 1.fc23 URL : http://www.lighttpd.net/ Summary : Lightning fast webserver with light system requirements Description : Secure, fast, compliant and very flexible web-server which has been optimized for high-performance environments. It has a very low memory footprint compared to other webservers and takes care of cpu-load. Its advanced feature-set (FastCGI, CGI, Auth, Output-Compression, URL-Rewriting and many more) make it the perfect webserver-software for every server that is suffering load problems.
------------------------------------------------------------------------------- - Update Information:
1.4.41 ---- Patch for CVE-2016-1000212. ---- Connection state patch. ---- Patch for ipv6 blocking bug. ---- 1.4.40 https://www.lighttpd.net/2016/7/16/1.4.40/ ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1361926 - lighttpd-1.4.41 is available https://bugzilla.redhat.com/show_bug.cgi?id=1361926 [ 2 ] Bug #1360641 - CVE-2016-1000212 lighttpd: sets environmental variable based on user supplied Proxy request header [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1360641 [ 3 ] Bug #1360640 - CVE-2016-1000212 lighttpd: sets environmental variable based on user supplied Proxy request header [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=1360640 [ 4 ] Bug #1357238 - lighttpd-1.4.40 is available https://bugzilla.redhat.com/show_bug.cgi?id=1357238 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update lighttpd' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org
|
|
|
|