* SECURITY UPDATE: proxy request header vulnerability (httpoxy)
- debian/patches/CVE-2016-5387.patch: don't pass through HTTP_PROXY in
server/util_script.c.
- CVE-2016-5387
* This update does _not_ contain the changes from (2.4.7-1ubuntu4.12) in
trusty-proposed.
This bug was fixed in the package apache2 - 2.4.7-1ubuntu4.13
---------------
apache2 (2.4.7-1ubuntu4.13) trusty-security; urgency=medium
* SECURITY UPDATE: proxy request header vulnerability (httpoxy) patches/ CVE-2016- 5387.patch: don't pass through HTTP_PROXY in util_script. c. proposed.
- debian/
server/
- CVE-2016-5387
* This update does _not_ contain the changes from (2.4.7-1ubuntu4.12) in
trusty-
-- Marc Deslauriers <email address hidden> Thu, 14 Jul 2016 08:40:55 -0400