Debian Security Advisory
DLA-66-1 apache2 -- LTS security update
- Date Reported:
- 29 Sep 2014
- Affected Packages:
- apache2
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2013-6438, CVE-2014-0118, CVE-2014-0226, CVE-2014-0231.
- More information:
-
- CVE-2014-0231
prevent denial of service in mod_cgid.
- CVE-2014-0226
prevent denial of service via race in mod_status.
- CVE-2014-0118
fix resource consumption via mod_deflate body decompression.
- CVE-2013-6438
prevent denial of service via mod_dav incorrect end of string
For Debian 6
Squeeze
, these issues have been fixed in apache2 version 2.2.16-6+squeeze13 - CVE-2014-0231