Low: Red Hat Security Advisory: httpd security, bug fix, and enhancement update

Updated httpd packages that fix one security issue, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

[slackware-security] httpd (SSA:2015-198-01)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 slackware-security httpd SSA:2015-198-01 New httpd packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+...

Slackware 14.0 / 14.1 / current : httpd (SSA:2015-198-01)

New httpd packages are available for Slackware 14.0, 14.1, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2015-198-01. The text itself is copyright C...

[slackware-security] httpd

New httpd packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/httpd-2.4.16-i486-1slack14.1.txz: Upgraded. This update fixes the following security issues: CVE-2015-0253: Fix a crash with...

Scientific Linux Security Update : php on SL6.x i386/x86_64 (20150709)

A flaw was found in the way PHP parsed multipart HTTP POST requests. A specially crafted request could cause PHP to use an excessive amount of CPU time. CVE-2015-4024 An uninitialized pointer use flaw was found in PHP's Exif extension. A specially crafted JPEG or TIFF file could cause a PHP...

Moderate: Red Hat Security Advisory: php security update

Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are available for...

Important: Red Hat Security Advisory: rh-php56-php security update

Updated rh-php56-php packages that fix multiple security issues are now available for Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

[slackware-security] php

New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/php-5.4.41-i486-1slack14.1.txz: Upgraded. This update fixes some bugs and security issues. For more information, see:...

Fedora Update for httpd FEDORA-2015-9216

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Moderate: Red Hat Security Advisory: php55 security and bug fix update

Updated php55 collection packages that fix multiple security issues and several bugs are now available as part of Red Hat Software Collections 2. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

php: pipelined request executed in deinitialized interpreter under httpd 2.4

A flaw was found in the way the PHP module for the Apache httpd web server handled pipelined requests. A remote attacker could use this flaw to trigger the execution of a PHP script in a deinitialized interpreter, causing it to crash or, possibly, execute arbitrary code...

Fedora 21 : httpd-2.4.12-1.fc21 (2015-9216)

Update to new version 2.4.12. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

SUSE SLED10 Security Update : subversion (SUSE-SU-2013:0837-1)

This update fixes several DoS vulnerabilities in subversion's moddavsvn Apache HTTPD server module. CVE-2013-1849, CVE-2013-1846, CVE-2013-1845 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...

Monkey HTTPD Server Denial of Service - Ver2 (CVE-2013-3724)

A denial of service vulnerability has been reported in Monkey HTTPD Server. The vulnerability is due to improper bounds checking while parsing headers. A remote attacker can exploit this vulnerability by sending a malicious request to the target server. Successful exploitation of this vulnerabili...

openSUSE Security Update : php5 (openSUSE-2015-352)

PHP was updated to fix three security issues. The following vulnerabilities were fixed : - CVE-2015-3330: Specially crafted PHAR files could, when executed under Apache httpd 2.4 apache2handler, allow arbitrary code execution bnc928506 - CVE-2015-3329: Specially crafted PHAR data could lead to...

Security update for php5 (important)

PHP was updated to fix three security issues. The following vulnerabilities were fixed: CVE-2015-3330: Specially crafted PHAR files could, when executed under Apache httpd 2.4 apache2handler, allow arbitrary code execution bnc928506 CVE-2015-3329: Specially crafted PHAR data could lead to...

[slackware-security] php

New php packages are available for Slackware 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/php-5.4.40-i486-1slack14.1.txz: Upgraded. This update fixes some security issues. Please note that this package build also moves t...

[slackware-security] httpd

New httpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/httpd-2.4.12-i486-1slack14.1.txz: Upgraded. This update fixes the following security issues: CVE-2014-3583...

Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : httpd (SSA:2015-111-03)

New httpd packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2015-111-03. The text itse...

Apache Httpd < 2.2.31 : HTTP request smuggling attack against chunked request parser

An HTTP request smuggling attack was possible due to a bug in parsing of chunked requests. A malicious client could force the server to misinterpret the request length, allowing cache poisoning or credential hijacking if an intermediary proxy is in use...