[Git][security-tracker-team/security-tracker][master] Update information for CVE-2018-1333/apache2
Salvatore Bonaccorso
carnil at debian.org
Thu Jul 19 20:55:27 BST 2018
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b06a4e5e by Salvatore Bonaccorso at 2018-07-19T21:53:51+02:00
Update information for CVE-2018-1333/apache2
Mark apache2 in jessie as not-affected, HTTP/2 support introducer in
2.4.17 only.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -35316,7 +35316,9 @@ CVE-2018-1334 (In Apache Spark 1.0.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, when u
CVE-2018-1333 (By specially crafting HTTP/2 requests, workers would be allocated 60 ...)
- apache2 <unfixed> (bug #904106)
[stretch] - apache2 <no-dsa> (Minor issue)
+ [jessie] - apache2 <not-affected> (Vulnerable code not present)
NOTE: Affects 2.4.18-2.4.33
+ NOTE: HTTP/2 support introduced in 2.4.17
NOTE: http://www.openwall.com/lists/oss-security/2018/07/18/1
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2018-1333
CVE-2018-1332 (Apache Storm version 1.0.6 and earlier, 1.2.1 and earlier, and version ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b06a4e5e3eb7097c53801483e1d4bbb0a7a14adf
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b06a4e5e3eb7097c53801483e1d4bbb0a7a14adf
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180719/3f3fe4ba/attachment.html>
More information about the debian-security-tracker-commits
mailing list