critical: httpd security update
moderate
An update for httpd is now available for NewStart CGSL MAIN V6.06.
NewStart Security has rated this update as having a security impact of critical. A Common Vunlnerability Scoring System(CVSS)base score, which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
httpd: Out-of-bounds write in ap_escape_quotes() via malicious input
httpd: mod_lua: Possible buffer overflow when parsing multipart content
httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling
httpd: mod_http2 concurrent pool usage
httpd: mod_session: NULL pointer dereference when parsing Cookie header
httpd: URL normalization inconsistency
httpd: mod_rewrite potential open redirect
httpd: mod_http2: DoS via slow, unneeded request bodies
Solution:
Remember the build tag is 6.06.02B5.
© 2004-2023 广东中兴新支点技术有限公司 版权所有 (www.gd-linux.com) 粤ICP备15061780号-2
全国服务热线:400-033-0108