← Back to team overview

enterprise-support team mailing list archive

  1. enterprise-support team
  2. Mailing list archive
  3. Message #08242

[Bug 1565744] Re: "Mutex file:${APACHE_LOCK_DIR} default" should be disabled by default on Linux because it leads to errors

  Thread PreviousDate PreviousThread Next 
This bug was fixed in the package apache2 - 2.4.18-2ubuntu3.17

---------------
apache2 (2.4.18-2ubuntu3.17) xenial-security; urgency=medium

  * SECURITY UPDATE: mod_rewrite redirect issue
    - debian/patches/CVE-2020-1927-1.patch: factor out default regex flags
      in include/ap_regex.h, server/core.c, server/util_pcre.c.
    - debian/patches/CVE-2020-1927-2.patch: add AP_REG_NO_DEFAULT to allow
      opt-out of pcre defaults in include/ap_regex.h,
      modules/filters/mod_substitute.c, server/util_pcre.c,
      server/util_regex.c.
    - CVE-2020-1927
  * SECURITY UPDATE: mod_proxy_ftp uninitialized memory issue
    - debian/patches/CVE-2020-1934.patch: trap bad FTP responses in
      modules/proxy/mod_proxy_ftp.c.
    - CVE-2020-1934

 -- Marc Deslauriers <marc.deslauriers@xxxxxxxxxx>  Wed, 12 Aug 2020
17:35:50 -0400

** Changed in: apache2 (Ubuntu Xenial)
       Status: Fix Committed => Fix Released

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-1927

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-1934

-- 
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to apache2 in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/1565744

Title:
  "Mutex file:${APACHE_LOCK_DIR} default" should be disabled by default
  on Linux because it leads to errors

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1565744/+subscriptions

References

  Thread PreviousDate PreviousThread Next