[Bug 495] Apache-2.0.48

blfs-bugs at linuxfromscratch.org blfs-bugs at linuxfromscratch.org
Sun Feb 1 08:23:27 PST 2004


------- Additional Comments From petri.koistinen at iki.fi  2004-02-01 09:23 -------
This version of Apache is principally a bug fix release. Of particular note is
that 2.0.48 addresses two security vulnerabilities:

mod_cgid mishandling of CGI redirect paths could result in CGI output going to
the wrong client when a threaded MPM is used.
[CAN-2003-0789] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0789

A buffer overflow could occur in mod_alias and mod_rewrite when a regular
expression with more than 9 captures is configured.
[CAN-2003-0542] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0542

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
You are the QA contact for the bug, or are watching the QA contact.

More information about the blfs-book mailing list