[Bug 871673] Re: APR "apr_fnmatch()" Denial of Service Vulnerability
Steve Beattie
sbeattie at ubuntu.com
Thu Oct 13 16:58:36 UTC 2011
Thanks for reporting this issue, which is CVE-2011-0419. It's a
vulnerability in apache's apr library, which in Ubuntu is shipped in the
separate 'apr' source package, and the apache packages links against it.
It was addressed in USN-1134-1 <http://www.ubuntu.com/usn/usn-1134-1>.
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2011-0419
** Changed in: apache2 (Ubuntu)
Status: New => Invalid
** Also affects: apr (Ubuntu)
Importance: Undecided
Status: New
** Changed in: apr (Ubuntu)
Status: New => Fix Released
** Visibility changed to: Public
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/871673
Title:
APR "apr_fnmatch()" Denial of Service Vulnerability
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/871673/+subscriptions
More information about the Ubuntu-server-bugs
mailing list