enterprise-support team mailing list archive
-
enterprise-support team
-
Mailing list archive
-
Message #08524
[Bug 1945311] Re: Fix for CVE-2021-40438 breaks existing configs
This bug was fixed in the package apache2 - 2.4.46-4ubuntu1.3
---------------
apache2 (2.4.46-4ubuntu1.3) hirsute-security; urgency=medium
* SECURITY REGRESSION: Issues in UDS URIs (LP: #1945311)
- debian/patches/CVE-2021-40438-2.patch: Fix UDS unix: scheme for P
rules in modules/mappers/mod_rewrite.c.
- debian/patches/CVE-2021-40438-3.patch: Handle UDS URIs with empty
hostname in modules/mappers/mod_rewrite.c,
modules/proxy/proxy_util.c.
-- Marc Deslauriers <marc.deslauriers@xxxxxxxxxx> Tue, 28 Sep 2021
06:57:42 -0400
** Changed in: apache2 (Ubuntu Hirsute)
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to apache2 in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/1945311
Title:
Fix for CVE-2021-40438 breaks existing configs
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1945311/+subscriptions
References