[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: [oss-security] Re: CVE-2017-15710: Out of bound write in mod_authnz_ldap when using too small Accept
From: Yann Ylavic <ylavic.dev () gmail ! com>
Date: 2018-03-27 8:58:50
Message-ID: CAKQ1sVM601_qrcr_-Y8axM=etSCDVh7k3h_ZkRjSA1Va1aH_Tw () mail ! gmail ! com
[Download RAW message or body]
Hi Dago,
On Mon, Mar 26, 2018 at 9:42 PM, Dagobert [...] wrote:
>
> Am 26.03.2018 um 07:06 schrieb Daniel Ruggeri:
>>
>> Users of (the now end-of-life) httpd 2.2 who cannot upgrade at this time
>> should apply CVE-2017-15710.patch, which is available at
>>
>> https://www.apache.org/dist/httpd/patches/apply_to_2.2.34/
>
> This link does not exist, there is only
> https://www.apache.org/dist/httpd/patches/apply_to_2.4.27/
Thanks for noticing and letting us know.
The 2.2 version of httpd has ended its long life and went to the attic
(almost simultaneously with this announcement):
https://archive.apache.org/dist/httpd/patches/apply_to_2.2.34/
Regards,
Yann.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic