[Git][security-tracker-team/security-tracker][master] CVE-2024-43204/apache2
Bastien Roucariès (@rouca)
rouca at debian.org
Tue Jul 29 23:13:49 BST 2025
Bastien Roucariès pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ea602894 by Bastien Roucariès at 2025-07-30T00:13:10+02:00
CVE-2024-43204/apache2
Add a prerequist commit before the fix for correctness
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4997,7 +4997,8 @@ CVE-2024-43204 (SSRF in Apache HTTP Server with mod_proxy loaded allows an attac
- apache2 2.4.64-1
[bookworm] - apache2 <no-dsa> (Will be updated via point release)
NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-43204
- NOTE: Fixed by: https://github.com/apache/httpd/commit/b3d3ded288815bea063c3bf77dd80b26446f76ce
+ NOTE: Fixed by [1/2]: https://github.com/apache/httpd/commit/6764774d51f3dcb07e79779c64a463d3c112b53f (2.4.64)
+ NOTE: Fixed by [2/2]: https://github.com/apache/httpd/commit/b3d3ded288815bea063c3bf77dd80b26446f76ce (2.4.64)
CVE-2024-42516 (HTTP response splitting in the core of Apache HTTP Server allows an at ...)
- apache2 2.4.64-1
[bookworm] - apache2 <no-dsa> (Will be updated via point release)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea60289411764668efe858b5f4f13e18ccebbeb5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea60289411764668efe858b5f4f13e18ccebbeb5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250729/3b0757a7/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list