[ubuntu/focal-security] modsecurity-apache 2.9.3-1ubuntu0.1 (Accepted)
Allen Huang
allen.huang at canonical.com
Thu Sep 14 12:38:45 UTC 2023
modsecurity-apache (2.9.3-1ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: denial of service
- debian/patches/CVE-2021-42717.patch: added support for configurable
limit on depth of JSON parsing.
* SECURITY UPDATE: firewall failure
- debian/patches/CVE-2022-48279.patch: fixed HTTP multipart parsing
and added and new MULTIPART_PART_HEADERS collection.
* SECURITY UPDATE: buffer overflow
- debian/patches/CVE-2023-24021.patch: fixed incomplete content in
FILES_TMP_CONTENT.
Date: 2023-09-13 15:02:08.883435+00:00
Changed-By: Allen Huang <allen.huang at canonical.com>
https://launchpad.net/ubuntu/+source/modsecurity-apache/2.9.3-1ubuntu0.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list