Debian DLA-34-1 : libapache-mod-security security update
Martin Holst Swende discovered a flaw in the way modsecurity handled chunked requests. A remote attacker could use this flaw to bypass intended modsecurity restrictions, allowing them to send requests containing content that should have been removed by modsecurity. NOTE: Tenable Network Security...