AnNyung Official Homepage Home > Update [ 3 ]  

HOME
What is AnNyung
Documents
Packages System
White Paper
Download
Update
  . 3.x [RSS]
  . 2.x [RSS]
  . 1.3 [RSS]
  . 1.2 [RSS]
  . 1.1 [RSS]
  . 1.0 [RSS]
FAQ
Hardware
RoadMap
Gallery

  Go oops.org
  AnNyung banner 88x31

  AnNyung 1 banner 80x15
  AnNyung 2 banner 80x15
  AnNyung 3 banner 80x15
  AnNyung banner 80x15
  AnNyung banner 80x15



httpd 보안 업데이트

 : 2018.04.11
     : httpd-100:2.4.33-1.an3
     : AnNyung Packaging Team

     :

    The Apache HTTP Server is a powerful, efficient, and extensible
    web server.

변경사항

    - update 2.4.33
      see also http://www.apache.org/dist/httpd/CHANGES_2.4.33
      see also http://www.apache.org/dist/httpd/CHANGES_2.4.32
      see also http://www.apache.org/dist/httpd/CHANGES_2.4.29
    - add mod_md module
    - security issues
      . CVE-2017-15710 mod_authnz_ldap:
        Out of bound write with AuthLDAPCharsetConfig enabled
      . CVE-2017-15715 core:
        Configure the regular expression engine to match '$' to the end of
        the input string only, excluding matching the end of any embedded 
        newline characters. Behavior can be changed with new directive 
        'RegexDefaultOptions'.
      . CVE-2018-1283 mod_session:
        CGI-like applications that intend to read from mod_session's 
        'SessionEnv ON' could be fooled into reading user-supplied data instead.
      . CVE-2018-1301 core:
        Possible crash with excessively long HTTP request headers. 
        Impractical to exploit with a production build and production LogLevel.
      . CVE-2018-1302 mod_http2: Potential crash w/ mod_http2
      . CVE-2018-1303 mod_cache_socache:
        Fix request headers parsing to avoid a possible crash
        with specially crafted input data.
      . CVE-2018-1312 mod_auth_digest:
        Fix generation of nonce values to prevent replay
        attacks across servers using a common Digest domain. This change
        may cause problems if used with round robin load balancers.



    SRPMS:
        . httpd-2.4.33-1.an3.src.rpm

    x86_64:
        . httpd-2.4.33-1.an3.x86_64.rpm
        . httpd-devel-2.4.33-1.an3.x86_64.rpm
        . httpd-tools-2.4.33-1.an3.x86_64.rpm
        . mod_brotli-2.4.33-1.an3.x86_64.rpm
        . mod_ldap-2.4.33-1.an3.x86_64.rpm
        . mod_md-2.4.33-1.an3.x86_64.rpm
        . mod_proxy_html-2.4.33-1.an3.x86_64.rpm
        . mod_session-2.4.33-1.an3.x86_64.rpm
        . mod_ssl-2.4.33-1.an3.x86_64.rpm

    noarch:
        . httpd-manual-2.4.33-1.an3.noarch.rpm



    



 Home > Update [ 3 ]

Copyright 2024 OOPS Development Organization 
LAST MODIFIED: 2021/12/30