diff options
| author | Sylvain Beucler <beuc@beuc.net> | 2021-12-01 18:20:05 +0100 |
|---|---|---|
| committer | Sylvain Beucler <beuc@beuc.net> | 2021-12-01 18:20:24 +0100 |
| commit | e84e132f9b000175f1e134fa12df3afe8e2ebf3d (patch) | |
| tree | ec3f821eebc2565cd826b1fed555a81de481b88a | |
| parent | 6678b92915dba1af5847a0e7ad93949eb5b7b751 (diff) | |
CVE-2021-36160/apache2: reference upstream'd regression patch
| -rw-r--r-- | data/CVE/2021.list | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 4cf9f58fc3..ed4f5ecf68 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -19530,6 +19530,7 @@ CVE-2021-36160 (A carefully crafted request uri-path can cause mod_proxy_uwsgi t NOTE: uwsgi since 2.0.15-11 drops building the libapache2-mod-proxy-uwsgi{,-dbg} NOTE: packages which are provided by src:apache2 itself. NOTE: Regression report: https://bz.apache.org/bugzilla/show_bug.cgi?id=65616 + NOTE: Regression patch: https://github.com/apache/httpd/commit/8966e290a6e947fad0289bf4e243b0b552e13726 (2.4.x) CVE-2021-36159 (libfetch before 2021-07-26, as used in apk-tools, xbps, and other prod ...) NOT-FOR-US: libfetch CVE-2021-36158 (In the xrdp package (in branches through 3.14) for Alpine Linux, RDP s ...) |