projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8ab9acb) | patch
package/apache: security bump to version 2.4.43
authorPeter Korsgaard <peter@korsgaard.com>
Thu, 2 Apr 2020 18:20:53 +0000 (20:20 +0200)
committerPeter Korsgaard <peter@korsgaard.com>
Sat, 4 Apr 2020 15:26:49 +0000 (17:26 +0200)
commit2bf40ad66b16744972443127e9ee6f8d8f32c476
tree611af57aa2d85890d19b4a44c3ee163f05b4d0f9tree
parent8ab9acbed8a46e1ba60b3ad18a2d9ec8d8b852b5commit | diff
package/apache: security bump to version 2.4.43

Fixes the following security issues:

  *) SECURITY: CVE-2020-1934 (cve.mitre.org)
     mod_proxy_ftp: Use of uninitialized value with malicious backend FTP
     server. [Eric Covener]

  *) SECURITY: CVE-2020-1927 (cve.mitre.org)
     rewrite, core: Set PCRE_DOTALL flag by default to avoid unpredictable
     matches and substitutions with encoded line break characters.
     The fix for CVE-2019-10098 was not effective.  [Ruediger Pluem]

The LICENSE file has been updated to fix a s/waranties/warranties/ typo, so
update the hash to match and adjust the spacing to match recent agreements:

-This software is provided "as is" and any express or implied waranties,
+This software is provided "as is" and any express or implied warranties,

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/apache/apache.hash diff | blob | history
package/apache/apache.mk diff | blob | history