* SECURITY UPDATE: log file poisoning via mod_rewrite (LP: #1188069)
- debian/patches/CVE-2013-1862.dpatch: properly escape items in
modules/mappers/mod_rewrite.c.
- CVE-2013-1862
* SECURITY UPDATE: denial of service via MERGE request
- debian/patches/CVE-2013-1896.dpatch: make sure DAV is enabled for URI
in modules/dav/main/mod_dav.c.
- CVE-2013-1896
-- Marc Deslauriers <email address hidden> Fri, 12 Jul 2013 09:00:34 -0400
This bug was fixed in the package apache2 - 2.2.14-5ubuntu8.12
--------------- 5ubuntu8. 12) lucid-security; urgency=low
apache2 (2.2.14-
* SECURITY UPDATE: log file poisoning via mod_rewrite (LP: #1188069) patches/ CVE-2013- 1862.dpatch: properly escape items in mappers/ mod_rewrite. c. patches/ CVE-2013- 1896.dpatch: make sure DAV is enabled for URI dav/main/ mod_dav. c.
- debian/
modules/
- CVE-2013-1862
* SECURITY UPDATE: denial of service via MERGE request
- debian/
in modules/
- CVE-2013-1896
-- Marc Deslauriers <email address hidden> Fri, 12 Jul 2013 09:00:34 -0400