Paketname
apache-mod_security
Datum
2012-12-23
Advisory ID
MDVSA-2012:183
Betroffene Versionen
MES5 i586 , MES5 x86_64

Problembeschreibung

A vulnerability has been discovered and corrected in
apache-mod_security:

ModSecurity <= 2.6.8 is vulnerable to multipart/invalid part
ruleset bypass, this was fixed in 2.7.0 (released on2012-10-16)
(CVE-2012-4528).

The updated packages have been patched to correct this issue.

Aktualisierte Pakete

MES5 i586

 18413b1e0520660d62de9e65fb2481ce  mes5/i586/apache-mod_security-2.5.12-0.3mdvmes5.2.i586.rpm
 6bd19e22c13a4b5aca610c6a7049792a  mes5/i586/mlogc-2.5.12-0.3mdvmes5.2.i586.rpm 
 70689b90d15d7fba2ae35c8a4c40a960  mes5/SRPMS/apache-mod_security-2.5.12-0.3mdvmes5.2.src.rpm

MES5 x86_64

 bea5768d5f9a05b8d53426708ac7362d  mes5/x86_64/apache-mod_security-2.5.12-0.3mdvmes5.2.x86_64.rpm
 eea9adbbbfed5e5514a0370d2ff5b4c7  mes5/x86_64/mlogc-2.5.12-0.3mdvmes5.2.x86_64.rpm 
 70689b90d15d7fba2ae35c8a4c40a960  mes5/SRPMS/apache-mod_security-2.5.12-0.3mdvmes5.2.src.rpm

Referenzen