[Bug 262557] [PATCH] www/apache24 - Update to 2.4.53 (Fix CVEs) see https://reviews.freebsd.org/D34549

Reply: bugzilla-noreply_a_freebsd.org: "maintainer-feedback requested: [Bug 262557] [PATCH] www/apache24 - Update to 2.4.53 (Fix CVEs) see https://reviews.freebsd.org/D34549"
Reply: bugzilla-noreply_a_freebsd.org: "maintainer-feedback requested: [Bug 262557] [PATCH] www/apache24 - Update to 2.4.53 (Fix CVEs) see https://reviews.freebsd.org/D34549"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 262557] [PATCH] www/apache24 - Update to 2.4.53 (Fix CVEs) see https://reviews.freebsd.org/D34549"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 262557] [PATCH] www/apache24 - Update to 2.4.53 (Fix CVEs) see https://reviews.freebsd.org/D34549"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 262557] [PATCH] www/apache24 - Update to 2.4.53 (Fix CVEs) see https://reviews.freebsd.org/D34549"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 262557] [PATCH] www/apache24 - Update to 2.4.53 (Fix CVEs) see https://reviews.freebsd.org/D34549"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 262557] [PATCH] www/apache24 - Update to 2.4.53 (Fix CVEs) see https://reviews.freebsd.org/D34549"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 262557] [PATCH] www/apache24 - Update to 2.4.53 (Fix CVEs) see https://reviews.freebsd.org/D34549"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 262557] [PATCH] www/apache24 - Update to 2.4.53 (Fix CVEs) see https://reviews.freebsd.org/D34549"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 262557] [PATCH] www/apache24 - Update to 2.4.53 (Fix CVEs) see https://reviews.freebsd.org/D34549"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 14 Mar 2022 19:02:51 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=262557

            Bug ID: 262557
           Summary: [PATCH] www/apache24 - Update to 2.4.53 (Fix CVEs) see
                    https://reviews.freebsd.org/D34549
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
               URL: https://reviews.freebsd.org/D34549
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: Individual Port(s)
          Assignee: apache@FreeBSD.org
          Reporter: cy@FreeBSD.org
                CC: apache@FreeBSD.org
             Flags: maintainer-feedback?(apache@FreeBSD.org)
             Flags: maintainer-feedback?(apache@FreeBSD.org),
                    merge-quarterly?
                CC: apache@FreeBSD.org

Please see https://reviews.freebsd.org/D34549 for the patch.

2.4.53 fixes the following CVEs"

- CVE-2022-22720: HTTP request smuggling vulnerability in Apache HTTP Server
2.4.52 and earlier

- CVE-2022-22719: Apache HTTP Server: mod_lua Use of uninitialized value of in
r:parsebody

- CVE-2022-22721: Apache HTTP Server: core: Possible buffer overflow with very
large or unlimited LimitXMLRequestBody

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.