summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSylvain Beucler <beuc@beuc.net>2021-12-01 18:20:05 +0100
committerSylvain Beucler <beuc@beuc.net>2021-12-01 18:20:24 +0100
commit586fbe0aeb855e2a2a2895b07301b203b5b2022d (patch)
tree4027e22acdd824c05139097f5c5267f0fcd71c1a
parent9fd760273b152bdbd3c8dcfe8e4b3e131f057a21 (diff)
CVE-2021-36160/apache2: reference upstream'd regression patch
-rw-r--r--data/CVE/list.20211
1 files changed, 1 insertions, 0 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 4cf9f58fc3..ed4f5ecf68 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -19530,6 +19530,7 @@ CVE-2021-36160 (A carefully crafted request uri-path can cause mod_proxy_uwsgi t
NOTE: uwsgi since 2.0.15-11 drops building the libapache2-mod-proxy-uwsgi{,-dbg}
NOTE: packages which are provided by src:apache2 itself.
NOTE: Regression report: https://bz.apache.org/bugzilla/show_bug.cgi?id=65616
+ NOTE: Regression patch: https://github.com/apache/httpd/commit/8966e290a6e947fad0289bf4e243b0b552e13726 (2.4.x)
CVE-2021-36159 (libfetch before 2021-07-26, as used in apk-tools, xbps, and other prod ...)
NOT-FOR-US: libfetch
CVE-2021-36158 (In the xrdp package (in branches through 3.14) for Alpine Linux, RDP s ...)

© 2014-2024 Faster IT GmbH | imprint | privacy policy