Paketname
apache-mod_security
Datum
2014-05-08
Advisory ID
MDVSA-2014:081
Betroffene Versionen
MES5 i586 , MBS1 x86_64 , MES5 x86_64

Problembeschreibung

Updated apache-mod_security packages fix security vulnerability:

Martin Holst Swende discovered a flaw in the way mod_security handled
chunked requests. A remote attacker could use this flaw to bypass
intended mod_security restrictions, allowing them to send requests
containing content that should have been removed by mod_security
(CVE-2013-5705).

Aktualisierte Pakete

MES5 i586

 db46a0d3c58282dcfe04727dd86e2a17  mes5/i586/apache-mod_security-2.5.12-0.6mdvmes5.2.i586.rpm
 aca483fdd1636091ee22011f982a0ca0  mes5/i586/mlogc-2.5.12-0.6mdvmes5.2.i586.rpm 
 9161a3c2199d97c0280bab4e55c80b4e  mes5/SRPMS/apache-mod_security-2.5.12-0.6mdvmes5.2.src.rpm

MBS1 x86_64

 5054d6b07b39f3388015fecb23656c36  mbs1/x86_64/apache-mod_security-2.6.3-5.4.mbs1.x86_64.rpm
 ffcf62b9982c5be8b222763df594de24  mbs1/x86_64/mlogc-2.6.3-5.4.mbs1.x86_64.rpm 
 d3b3db04cacc97c7d0f14f20eeab1cda  mbs1/SRPMS/apache-mod_security-2.6.3-5.4.mbs1.src.rpm

MES5 x86_64

 9399f1df36d87e88bbbc9c6168f3e9d8  mes5/x86_64/apache-mod_security-2.5.12-0.6mdvmes5.2.x86_64.rpm
 fb3954ad17067ea1151ad39a5bb416bf  mes5/x86_64/mlogc-2.5.12-0.6mdvmes5.2.x86_64.rpm 
 9161a3c2199d97c0280bab4e55c80b4e  mes5/SRPMS/apache-mod_security-2.5.12-0.6mdvmes5.2.src.rpm

Referenzen