Ubuntu
lighttpd package

  1. Bug #1994989
  2. Comment #14

Comment 14 for bug 1994989

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package lighttpd - 1.4.63-1ubuntu3.1

---------------
lighttpd (1.4.63-1ubuntu3.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Out-of-bounds Write
    - debian/patches/CVE-2022-22707.patch: mod_extforward_Forwarded function
      of the mod_extforward plugin has a stack-based buffer overflow.
      (LP: #1994989)
    - CVE-2022-22707
  * SECURITY UPDATE: Resource leak
    - debian/patches/CVE-2022-41556.patch: Resource leak in gw_backend.c.
    - CVE-2022-41556

 -- Jack Fewx <email address hidden> Mon, 13 Feb 2023 21:33:26 -0600