[Buildroot] [PATCH] package/apache: security bump to version 2.4.43
Peter Korsgaard
peter at korsgaard.com
Sat Apr 4 15:28:25 UTC 2020
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
> Fixes the following security issues:
> *) SECURITY: CVE-2020-1934 (cve.mitre.org)
> mod_proxy_ftp: Use of uninitialized value with malicious backend FTP
> server. [Eric Covener]
> *) SECURITY: CVE-2020-1927 (cve.mitre.org)
> rewrite, core: Set PCRE_DOTALL flag by default to avoid unpredictable
> matches and substitutions with encoded line break characters.
> The fix for CVE-2019-10098 was not effective. [Ruediger Pluem]
> The LICENSE file has been updated to fix a s/waranties/warranties/ typo, so
> update the hash to match and adjust the spacing to match recent agreements:
> -This software is provided "as is" and any express or implied waranties,
> +This software is provided "as is" and any express or implied warranties,
> Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
Committed, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list