[Git][security-tracker-team/security-tracker][master] Add upstream commit for CVE-2021-36160/apache2
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Sep 20 20:27:29 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
cac4129f by Salvatore Bonaccorso at 2021-09-20T21:26:51+02:00
Add upstream commit for CVE-2021-36160/apache2
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -12154,6 +12154,7 @@ CVE-2021-36161 (Some component in Dubbo will try to print the formated string of
CVE-2021-36160 (A carefully crafted request uri-path can cause mod_proxy_uwsgi to read ...)
- apache2 2.4.49-1
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2021-36160
+ NOTE: https://github.com/apache/httpd/commit/b364cad72b48dd40fbc2850e525b845406520f0b
CVE-2021-36159 (libfetch before 2021-07-26, as used in apk-tools, xbps, and other prod ...)
NOT-FOR-US: libfetch
CVE-2021-36158 (In the xrdp package (in branches through 3.14) for Alpine Linux, RDP s ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cac4129f5fe4f42a339af5299186bc60f5d4453c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cac4129f5fe4f42a339af5299186bc60f5d4453c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210920/b2daf329/attachment.htm>
More information about the debian-security-tracker-commits
mailing list