enterprise-support team mailing list archive

Thread
Date

[Bug 1394403] Re: RewriteRule of "^$" is broken

To: enterprise-support@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <1394403@xxxxxxxxxxxxxxxxxx>
Date: Mon, 18 Jul 2016 17:54:59 -0000
Reply-to: Bug 1394403 <1394403@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This bug was fixed in the package apache2 - 2.4.7-1ubuntu4.13

---------------
apache2 (2.4.7-1ubuntu4.13) trusty-security; urgency=medium

  * SECURITY UPDATE: proxy request header vulnerability (httpoxy)
    - debian/patches/CVE-2016-5387.patch: don't pass through HTTP_PROXY in
      server/util_script.c.
    - CVE-2016-5387
  * This update does _not_ contain the changes from (2.4.7-1ubuntu4.12) in
    trusty-proposed.

 -- Marc Deslauriers <marc.deslauriers@xxxxxxxxxx>  Thu, 14 Jul 2016
08:40:55 -0400

** Changed in: apache2 (Ubuntu Trusty)
       Status: Incomplete => Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2016-5387

-- 
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to apache2 in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/1394403

Title:
  RewriteRule of "^$" is broken

To manage notifications about this bug go to:
https://bugs.launchpad.net/apache2/+bug/1394403/+subscriptions

References

[Bug 1394403] [NEW] apache 2.4.7 mod_dir bug PR53929
From: Matthias Ferdinand, 2014-11-19