Mehrere Probleme in Apache
ID: | FEDORA-2017-cf9599a306 |
Distribution: | Fedora |
Plattformen: | Fedora 24 |
Datum: | Mi, 12. Juli 2017, 09:28 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3167
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7668 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7679 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3169 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7659 |
Applikationen: | Apache |
Originalnachricht |
|
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2017-cf9599a306 2017-07-11 18:56:33.195843 -------------------------------------------------------------------------------- Name : httpd Product : Fedora 24 Version : 2.4.26 Release : 1.fc24 URL : http://httpd.apache.org/ Summary : Apache HTTP Server Description : The Apache HTTP Server is a powerful, efficient, and extensible web server. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1463207 - CVE-2017-7679 httpd: mod_mime buffer overread https://bugzilla.redhat.com/show_bug.cgi?id=1463207 [ 2 ] Bug #1463205 - CVE-2017-7668 httpd: ap_find_token() buffer overread https://bugzilla.redhat.com/show_bug.cgi?id=1463205 [ 3 ] Bug #1463199 - CVE-2017-7659 httpd: mod_http2 NULL pointer dereference https://bugzilla.redhat.com/show_bug.cgi?id=1463199 [ 4 ] Bug #1463197 - CVE-2017-3169 httpd: mod_ssl NULL pointer dereference https://bugzilla.redhat.com/show_bug.cgi?id=1463197 [ 5 ] Bug #1463194 - CVE-2017-3167 httpd: ap_get_basic_auth_pw() authentication bypass https://bugzilla.redhat.com/show_bug.cgi?id=1463194 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade httpd' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org |