logo
DATABASE RESOURCES PRICING ABOUT US

apache2 - security update

Description

Two vulnerabilities have been discovered in the Apache HTTP server: * [CVE-2021-44224](https://security-tracker.debian.org/tracker/CVE-2021-44224) When operating as a forward proxy, Apache was depending on the setup suspectible to denial of service or Server Side Request forgery. * [CVE-2021-44790](https://security-tracker.debian.org/tracker/CVE-2021-44790) A buffer overflow in mod\_lua may result in denial of service or potentially the execution of arbitrary code. For the oldstable distribution (buster), these problems have been fixed in version 2.4.38-3+deb10u7. For the stable distribution (bullseye), these problems have been fixed in version 2.4.52-1~deb11u2. We recommend that you upgrade your apache2 packages. For the detailed security status of apache2 please refer to its security tracker page at: [\ https://security-tracker.debian.org/tracker/apache2](https://security-tracker.debian.org/tracker/apache2)


Affected Software


CPE Name Name Version
apache2 2.4.48-3.1
apache2 2.4.48-3.1+deb11u1
apache2 2.4.48-4
apache2 2.4.49-1
apache2 2.4.49-1~bpo10+1
apache2 2.4.49-1~deb11u1
apache2 2.4.49-1~deb11u2
apache2 2.4.49-1~deb11u3
apache2 2.4.49-2
apache2 2.4.49-3
apache2 2.4.49-4
apache2 2.4.50-1
apache2 2.4.50-1~deb11u1
apache2 2.4.51-1
apache2 2.4.51-1~bpo10+1
apache2 2.4.51-1~bpo10+2
apache2 2.4.51-1~deb11u1
apache2 2.4.51-2
apache2 2.4.52-1~bpo10+1
apache2 2.4.52-1~deb11u1

Related