enterprise-support team mailing list archive

Thread
Date

[Bug 1769304] Re: Apache2 mod_remoteip+rewrite allows client to forge IP address

To: enterprise-support@xxxxxxxxxxxxxxxxxxx
From: Andreas Hasenack <andreas@xxxxxxxxxxxxx>
Date: Fri, 23 Nov 2018 20:21:16 -0000
Reply-to: Bug 1769304 <1769304@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

This is fixed in bionic and later. Leaving a task open for xenial.

Links to the upstream fix:
https://svn.apache.org/viewvc?view=revision&revision=1767483
https://github.com/apache/httpd/commit/950093162e445141c5126e4d11e6466e3184b0ce


** Also affects: apache2 (Ubuntu Xenial)
   Importance: Undecided
       Status: New

** Changed in: apache2 (Ubuntu)
       Status: Triaged => Fix Released

** Changed in: apache2 (Ubuntu Xenial)
       Status: New => Triaged

** Changed in: apache2 (Ubuntu Xenial)
   Importance: Undecided => Medium

-- 
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to apache2 in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/1769304

Title:
  Apache2 mod_remoteip+rewrite allows client to forge IP address

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1769304/+subscriptions