Branches for Lenny

Name Status Last Modified Last Commit
lp://qastaging/debian/lenny/apache2 2 Mature 2012-02-05 21:56:02 UTC
23. * Prevent unintended pattern expansio...

Author: Stefan Fritsch
Revision Date: 2012-02-05 21:56:02 UTC

* Prevent unintended pattern expansion in some reverse proxy
  configurations by strictly validating the request-URI. Fixes
  CVE-2011-3368, CVE-2011-3639, CVE-2011-4317.
* CVE-2011-3607: Fix integer overflow in ap_pregsub(), which allowed local
  privilege escalation.
* CVE-2012-0031: Fix client process being able to crash parent process
  during shutdown.
* CVE-2012-0053: Fix an issue in code 400 error responses that could expose
  "httpOnly" cookies.

11 of 1 result