Date: Thu, 02 Apr 2020 14:06:21 +0000 From: bugzilla-noreply@freebsd.org To: apache@FreeBSD.org Subject: [Bug 245284] www/apache24: Security Update to 2.4.43 Message-ID: <bug-245284-16115@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D245284 Bug ID: 245284 Summary: www/apache24: Security Update to 2.4.43 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Keywords: security Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: apache@FreeBSD.org Reporter: pascal.christen@hostpoint.ch Assignee: apache@FreeBSD.org Flags: maintainer-feedback?(apache@FreeBSD.org) Created attachment 212981 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D212981&action= =3Dedit Apache Update to 2.4.43 Changes with Apache 2.4.43 *) SECURITY: CVE-2020-1934 (cve.mitre.org) mod_proxy_ftp: Use of uninitialized value with malicious backend FTP server. [Eric Covener] *) SECURITY: CVE-2020-1927 (cve.mitre.org) rewrite, core: Set PCRE_DOTALL flag by default to avoid unpredictable matches and substitutions with encoded line break characters. The fix for CVE-2019-10098 was not effective. [Ruediger Pluem] *) mod_ssl: Fix memory leak of OCSP stapling response. [Yann Ylavic] https://downloads.apache.org//httpd/CHANGES_2.4.43 --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-245284-16115>