[ubuntu/focal-security] modsecurity-apache 2.9.3-1ubuntu0.1 (Accepted)

Allen Huang allen.huang at canonical.com
Thu Sep 14 12:38:45 UTC 2023

modsecurity-apache (2.9.3-1ubuntu0.1) focal-security; urgency=medium

  * SECURITY UPDATE: denial of service
    - debian/patches/CVE-2021-42717.patch: added support for configurable
      limit on depth of JSON parsing.
  * SECURITY UPDATE: firewall failure
    - debian/patches/CVE-2022-48279.patch: fixed HTTP multipart parsing
      and added and new MULTIPART_PART_HEADERS collection.
  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2023-24021.patch: fixed incomplete content in

Date: 2023-09-13 15:02:08.883435+00:00
Changed-By: Allen Huang <allen.huang at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Focal-changes mailing list