Nome do pacote
apache-mod_security
Data
2013-07-02
ID Alerta
MDVSA-2013:187
Versões afetadas
MES5 i586 , MBS1 x86_64 , MES5 x86_64

Descrição do problema

Updated apache-mod_security packages fix security vulnerability:

When ModSecurity receives a request body with a size bigger than the
value set by the SecRequestBodyInMemoryLimit and with a Content-Type
that has no request body processor mapped to it, ModSecurity will
systematically crash on every call to forceRequestBodyVariable (in
phase 1) (CVE-2013-2765).

Pacotes atualizados

MES5 i586

 d96691d5037b826c0ef3977a1e2bb22b  mes5/i586/apache-mod_security-2.5.12-0.5mdvmes5.2.i586.rpm
 3c61a5602aa5bf2727fb1a4114f5be91  mes5/i586/mlogc-2.5.12-0.5mdvmes5.2.i586.rpm 
 955ef3d68ba21db4909a61623eb9a24c  mes5/SRPMS/apache-mod_security-2.5.12-0.5mdvmes5.2.src.rpm

MBS1 x86_64

 6c22d83dc3a60409f00ab408646d2de3  mbs1/x86_64/apache-mod_security-2.6.3-5.3.mbs1.x86_64.rpm
 eef3d933ed0d9bfbe05faca382446f7d  mbs1/x86_64/mlogc-2.6.3-5.3.mbs1.x86_64.rpm 
 61f6889bf73f70137571c8ceb29c9516  mbs1/SRPMS/apache-mod_security-2.6.3-5.3.mbs1.src.rpm

MES5 x86_64

 eb0232716c8057ed7d03f461d4f4233d  mes5/x86_64/apache-mod_security-2.5.12-0.5mdvmes5.2.x86_64.rpm
 f138a1c5b019df8b80b48fc084c44432  mes5/x86_64/mlogc-2.5.12-0.5mdvmes5.2.x86_64.rpm 
 955ef3d68ba21db4909a61623eb9a24c  mes5/SRPMS/apache-mod_security-2.5.12-0.5mdvmes5.2.src.rpm

Referências