[Git][security-tracker-team/security-tracker][master] Track various CVE fixes for apache2 via unstable
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jun 10 13:39:26 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
00149f50 by Salvatore Bonaccorso at 2021-06-10T14:38:57+02:00
Track various CVE fixes for apache2 via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8964,7 +8964,7 @@ CVE-2021-3496 (A heap-based buffer overflow was found in jhead in version 3.06 i
CVE-2021-30641
RESERVED
[experimental] - apache2 2.4.48-1
- - apache2 <unfixed>
+ - apache2 2.4.46-6
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-30641
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1966743
NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=65238
@@ -18562,13 +18562,13 @@ CVE-2021-26692
CVE-2021-26691
RESERVED
[experimental] - apache2 2.4.48-1
- - apache2 <unfixed>
+ - apache2 2.4.46-6
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-26691
NOTE: https://github.com/apache/httpd/commit/7e09dd714fc62c08c5b0319ed7b9702594faf49b
CVE-2021-26690
RESERVED
[experimental] - apache2 2.4.48-1
- - apache2 <unfixed>
+ - apache2 2.4.46-6
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-26690
NOTE: https://github.com/apache/httpd/commit/67bd9bfe6c38831e14fe7122f1d84391472498f8
CVE-2021-26249
@@ -36118,7 +36118,7 @@ CVE-2020-35453 (HashiCorp Vault Enterprise’s Sentinel EGP policy feature i
CVE-2020-35452
RESERVED
[experimental] - apache2 2.4.48-1
- - apache2 <unfixed>
+ - apache2 2.4.46-6
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-35452
NOTE: https://github.com/apache/httpd/commit/3b6431eb9c9dba603385f70a2131ab4a01bf0d3b
CVE-2020-35451 (There is a race condition in OozieSharelibCLI in Apache Oozie before v ...)
@@ -77958,7 +77958,7 @@ CVE-2020-13951 (Attackers can use public NetTest web service of Apache OpenMeeti
CVE-2020-13950
RESERVED
[experimental] - apache2 2.4.48-1
- - apache2 <unfixed>
+ - apache2 2.4.46-6
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-13950
NOTE: https://svn.apache.org/r1678771
CVE-2020-13949 (In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send sho ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/00149f50d09a990d241b13b94219ef2627e46ef5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/00149f50d09a990d241b13b94219ef2627e46ef5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210610/139cb54d/attachment.htm>
More information about the debian-security-tracker-commits
mailing list