Summary: | <www-servers/apache-2.4.51: remote code execution or directory traversal | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | apache-bugs |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://www.openwall.com/lists/oss-security/2021/10/07/6 | ||
See Also: | https://bugs.gentoo.org/show_bug.cgi?id=816399 | ||
Whiteboard: | C1 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 816870 | ||
Bug Blocks: | 813429 |
Description
John Helmert III
2021-10-07 16:04:57 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4a94cc280cdb4f52c63e21b8dc24968e40536385 commit 4a94cc280cdb4f52c63e21b8dc24968e40536385 Author: Thomas Deutschmann <whissi@gentoo.org> AuthorDate: 2021-10-07 16:07:00 +0000 Commit: Thomas Deutschmann <whissi@gentoo.org> CommitDate: 2021-10-07 16:08:21 +0000 www-servers/apache: bump to v2.4.51 Bug: https://bugs.gentoo.org/816864 Package-Manager: Portage-3.0.28, Repoman-3.0.3 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org> www-servers/apache/Manifest | 1 + www-servers/apache/apache-2.4.51.ebuild | 262 ++++++++++++++++++++++++++++++++ 2 files changed, 263 insertions(+) Please cleanup. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6fc4a67bce4f01ef844dd2cd720a348527f42197 commit 6fc4a67bce4f01ef844dd2cd720a348527f42197 Author: Lars Wendler <polynomial-c@gentoo.org> AuthorDate: 2021-10-08 06:48:04 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2021-10-08 06:48:04 +0000 app-admin/apache-tools: Security cleanup Bug: https://bugs.gentoo.org/816864 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> app-admin/apache-tools/Manifest | 1 - app-admin/apache-tools/apache-tools-2.4.50.ebuild | 103 ---------------------- 2 files changed, 104 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c2a21676c8017485107e53c6b15c9d12c5ac87b1 commit c2a21676c8017485107e53c6b15c9d12c5ac87b1 Author: Lars Wendler <polynomial-c@gentoo.org> AuthorDate: 2021-10-08 06:47:28 +0000 Commit: Lars Wendler <polynomial-c@gentoo.org> CommitDate: 2021-10-08 06:47:28 +0000 www-servers/apache: Security cleanup Bug: https://bugs.gentoo.org/816864 Signed-off-by: Lars Wendler <polynomial-c@gentoo.org> www-servers/apache/Manifest | 1 - www-servers/apache/apache-2.4.50.ebuild | 262 -------------------------------- 2 files changed, 263 deletions(-) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=7809350d99ef042a9f97a7a6edcb9ca5c28db476 commit 7809350d99ef042a9f97a7a6edcb9ca5c28db476 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-08-14 00:09:33 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-08-14 00:11:42 +0000 [ GLSA 202208-20 ] Apache HTTPD: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/813429 Bug: https://bugs.gentoo.org/816399 Bug: https://bugs.gentoo.org/816864 Bug: https://bugs.gentoo.org/829722 Bug: https://bugs.gentoo.org/835131 Bug: https://bugs.gentoo.org/850622 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202208-20.xml | 78 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 78 insertions(+) GLSA released, all done! |