[slackware-security] httpd (SSA:2021-158-01)
New httpd packages are available for Slackware 14.0, 14.1, 14.2, and -current
to fix security issues.
Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/httpd-2.4.48-i586-1_slack14.2.txz: Upgraded.
This release contains security fixes and improvements.
mod_http2: Fix a potential NULL pointer dereference.
Unexpected <Location> section matching with 'MergeSlashes OFF'.
mod_auth_digest: possible stack overflow by one nul byte while validating
the Digest nonce.
mod_session: Fix possible crash due to NULL pointer dereference, which
could be used to cause a Denial of Service with a malicious backend
server and SessionHeader.
mod_session: Fix possible crash due to NULL pointer dereference, which
could be used to cause a Denial of Service.
mod_proxy_http: Fix possible crash due to NULL pointer dereference, which
could be used to cause a Denial of Service.
mod_proxy_wstunnel, mod_proxy_http: Handle Upgradable protocols end-to-end
negotiation.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-31618
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30641
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35452
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26691
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-26690
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13950
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17567
(* Security fix *)
+--------------------------+
Och så fortsätter det...
Kernel 5.12.8 RC1 med 7 uppdateringar/ändringar sedan 5.12.7
Kernel 5.10.41 RC1 med 9 uppdateringar/ändringar sedan 5.10.40
Kernel 5.4.123 RC1 med 7 uppdateringar/ändringar sedan 5.4.122
Redigerat:
Ovan listade kärnor släpptes igår. Changelog finns länkad i "modulen" till höger.
Senaste version av Skypeforlinux, 8.72.0.94 släpptes idag.
Kan hämtas här
(Välj rätt version!!)
Slackbuild för 14.2
Slackbuild för current
RSS resultat...
Till minne av Håkan Nilsson
Mitt Slackware
Appendix Programhantering