|
|
Log in / Subscribe / Register

Debian alert DLA-1102-1 (apache2)



From:
    	      Emilio Pozuelo Monfort <pochu@debian.org> 


To:
    	      debian-lts-announce@lists.debian.org 


Subject:
    	      [SECURITY] [DLA 1102-1] apache2 security update 


Date:
    	      Thu, 21 Sep 2017 22:42:18 +0200


Message-ID:
    	      <a6b395e9-714f-0d70-fceb-3da85adcbc85@debian.org>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : apache2
Version        : 2.2.22-13+deb7u12
CVE ID         : CVE-2017-9798
Debian Bug     : 876109

Hanno Boeck discovered that incorrect parsing of Limit directives of
.htaccess files by the Apache HTTP Server could result in memory
disclosure.

For Debian 7 "Wheezy", these problems have been fixed in version
2.2.22-13+deb7u12.

We recommend that you upgrade your apache2 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlnEJCYACgkQnUbEiOQ2
gwIogg/+OAWq7A+dZyYVSsjQkcXYp+OzZFk3ortCR1Fovg8NPhY5KmDEw6coUjNY
gMupMnc4vNR++GSRK6GfvT2QduAY5yJfwuMI60jI8hCOvN9mGOLYDOsuSu0mCby2
+GGpLDASvK7ZniDInJOQ3hLdfABQQIboBTo+h6WTjYNx7m3blWvl0MTd8iENjax9
nYpHqWvc5b+Q8ev0U08n2qgRRECVcK/IaayvPIwb0sd6yabp6lfXeUI5/0wNHMti
hL2Sel4HDmuOQ1DZZWHJfTCYYmrD1SZdjEo+PLLfBqp/DtWe6jM5rlbmA7tS/ZvW
EzfFp3PnjVI75UAK0cpUXMqFg8+LPe31RkpmKysSf2qVSPqTMO015veg8IjsyMnh
68VTMcOu/HRN2YRrgtbd57Fat1QriENEQ7qnEMPjlSyonjFZwxALhGiD45WgqBsa
Hl+cHG49CLFBttGVZ4qps89b5AvNP7RE44KRMhXDXzTfYyjaHHzkKIiV8F6knZc0
6t5GRm1rFAoanb0iMs9iezYkdLdiDGvFgOMhbHJSYCl26LbzL2UDKMXHIR5H9HNd
SAP+Hk11lYM2KKJ8LIp1faPFYxSGOqH4EDQ9CHm/nzJTEwjakVmIteGYX1UKzwRk
upV+cbmuisfGexLDEiIBq9Q4o0Ix93kiQN2NZjzdSTQRj1/nmfU=
=hXz7
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds