announce@httpd.apache.org, 2018-03

You are viewing a plain text version of this content. The canonical link for it is here.

- [ANNOUNCEMENT] Apache HTTP Server 2.4.33 Released - posted by Daniel Ruggeri <dr...@apache.org> on 2018/03/26 05:05:45 UTC, 0 replies.
- CVE-2018-1302: Possible write of after free on HTTP/2 stream shutdown - posted by Daniel Ruggeri <dr...@apache.org> on 2018/03/26 05:06:19 UTC, 0 replies.
- CVE-2018-1312: Weak Digest auth nonce generation in mod_auth_digest - posted by Daniel Ruggeri <dr...@apache.org> on 2018/03/26 05:06:19 UTC, 0 replies.
- CVE-2017-15715: bypass with a trailing newline in the file name - posted by Daniel Ruggeri <dr...@apache.org> on 2018/03/26 05:06:19 UTC, 0 replies.
- CVE-2018-1283: Tampering of mod_session data for CGI applications - posted by Daniel Ruggeri <dr...@apache.org> on 2018/03/26 05:06:19 UTC, 0 replies.
- CVE-2017-15710: Out of bound write in mod_authnz_ldap when using too small Accept-Language values - posted by Daniel Ruggeri <dr...@apache.org> on 2018/03/26 05:06:19 UTC, 0 replies.
- CVE-2018-1303: Possible out of bound read in mod_cache_socache - posted by Daniel Ruggeri <dr...@apache.org> on 2018/03/26 05:06:19 UTC, 0 replies.
- CVE-2018-1301: Possible out of bound access after failure in reading the HTTP request - posted by Daniel Ruggeri <dr...@apache.org> on 2018/03/26 05:06:19 UTC, 0 replies.