diff options
author | Sylvain Beucler <beuc@beuc.net> | 2021-12-01 18:20:05 +0100 |
---|---|---|
committer | Sylvain Beucler <beuc@beuc.net> | 2021-12-01 18:20:24 +0100 |
commit | 586fbe0aeb855e2a2a2895b07301b203b5b2022d (patch) | |
tree | 4027e22acdd824c05139097f5c5267f0fcd71c1a | |
parent | 9fd760273b152bdbd3c8dcfe8e4b3e131f057a21 (diff) |
CVE-2021-36160/apache2: reference upstream'd regression patch
-rw-r--r-- | data/CVE/list.2021 | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index 4cf9f58fc3..ed4f5ecf68 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -19530,6 +19530,7 @@ CVE-2021-36160 (A carefully crafted request uri-path can cause mod_proxy_uwsgi t NOTE: uwsgi since 2.0.15-11 drops building the libapache2-mod-proxy-uwsgi{,-dbg} NOTE: packages which are provided by src:apache2 itself. NOTE: Regression report: https://bz.apache.org/bugzilla/show_bug.cgi?id=65616 + NOTE: Regression patch: https://github.com/apache/httpd/commit/8966e290a6e947fad0289bf4e243b0b552e13726 (2.4.x) CVE-2021-36159 (libfetch before 2021-07-26, as used in apk-tools, xbps, and other prod ...) NOT-FOR-US: libfetch CVE-2021-36158 (In the xrdp package (in branches through 3.14) for Alpine Linux, RDP s ...) |