[ubuntu/jammy-security] lighttpd 1.4.63-1ubuntu3.1 (Accepted)
Paulo Flabiano Smorigo
pfsmorigo at canonical.com
Mon Feb 27 19:42:15 UTC 2023
lighttpd (1.4.63-1ubuntu3.1) jammy-security; urgency=medium
* SECURITY UPDATE: Out-of-bounds Write
- debian/patches/CVE-2022-22707.patch: mod_extforward_Forwarded function
of the mod_extforward plugin has a stack-based buffer overflow.
(LP: #1994989)
- CVE-2022-22707
* SECURITY UPDATE: Resource leak
- debian/patches/CVE-2022-41556.patch: Resource leak in gw_backend.c.
- CVE-2022-41556
Date: 2023-02-16 20:01:09.701030+00:00
Changed-By: Jack Fewx <jack at fewx.com>
Signed-By: Paulo Flabiano Smorigo <pfsmorigo at canonical.com>
https://launchpad.net/ubuntu/+source/lighttpd/1.4.63-1ubuntu3.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list