[Bug 270037] www/apache24: Security Update to 2.4.56

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 08 Mar 2023 13:43:55 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=270037

            Bug ID: 270037
           Summary: www/apache24: Security Update to 2.4.56
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: Individual Port(s)
          Assignee: apache@FreeBSD.org
          Reporter: fabian@wenks.ch
          Assignee: apache@FreeBSD.org
             Flags: maintainer-feedback?(apache@FreeBSD.org)

Posting in oss-security mailing list:

CVE-2023-25690: Apache HTTP Server: HTTP request splitting with mod_rewrite and
mod_proxy
https://www.openwall.com/lists/oss-security/2023/03/07/1

CVE-2023-27522: Apache HTTP Server: mod_proxy_uwsgi HTTP response splitting
https://www.openwall.com/lists/oss-security/2023/03/07/2

And Apache httpd ChangeLog for 2.4.56:
https://downloads.apache.org/httpd/CHANGES_2.4.56

-- 
You are receiving this mail because:
You are the assignee for the bug.