FreeBSD : apache24 -- several vulnerabilities (5804b9d4-a959-11e4-9363-20cf30e32f6d)

Apache HTTP SERVER PROJECT reports : modproxyfcgi: Fix a potential crash due to buffer over-read, with response headers' size above 8K. modcache: Avoid a crash when Content-Type has an empty value. PR 56924. modlua: Fix handling of the Require line when a LuaAuthzProvider is used in multiple...

Low: Red Hat Security Advisory: httpd24-httpd security and bug fix update

Updated httpd24-httpd packages that fix two security issues and one bug are now available for Red Hat Software Collections 1. Red Hat Product Security has rated this update as having Low security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, a...

Apache Httpd < 2.4.12 : HTTP Trailers processing bypass

HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. This fix adds the "MergeTrailers" directive to restore legacy behavior...

Apache Httpd < 2.2.29 : HTTP Trailers processing bypass

HTTP trailers could be used to replace HTTP headers late during request processing, potentially undoing or otherwise confusing modules that examined or modified request headers earlier. This fix adds the "MergeTrailers" directive to restore legacy behavior...