Overview
Request 205965 superseded
- update to 2.3.9:
+ obsoletes apache2-mod_fcgid-CVE-2013-4365-bnc844935.diff
and fixes CVE-2013-4365 [bnc#844935] (heap overflow).
The heap overflow discovery and fix was done by
Robert Matthews .
+ quoting and spaces parsing correction for FcgidWrapper directive
and commandline options.
+ logging improvements for access controls
+ remove redundant processing of Location headers when running in
FCGI_AUTHORIZER mode (forwarded request 205964 from draht)
- Created by draht
- In state superseded
- Superseded by 205966
-
Open review for
legal-auto
-
Open review for
factory-auto
Request History
draht created request
- update to 2.3.9:
+ obsoletes apache2-mod_fcgid-CVE-2013-4365-bnc844935.diff
and fixes CVE-2013-4365 [bnc#844935] (heap overflow).
The heap overflow discovery and fix was done by
Robert Matthews .
+ quoting and spaces parsing correction for FcgidWrapper directive
and commandline options.
+ logging improvements for access controls
+ remove redundant processing of Location headers when running in
FCGI_AUTHORIZER mode (forwarded request 205964 from draht)
superseded by 205966
