[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[DLA 34-1] libapache-mod-security security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Package        : libapache-mod-security
Version        : 2.5.12-1+squeeze4
CVE ID         : CVE-2013-5705

Martin Holst Swende discovered a flaw in the way mod_security handled chunked requests. A remote attacker could use this flaw to bypass intended mod_security restrictions, allowing them to send requests containing content that should have been removed by mod_security.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFT5iid02K2KlS5mJARAiHrAKCOkaHxyQTImX8pEY2W9P/VilEi2gCfdXuM
Z2RhzE8r7VLGtOyBxWVCYbI=
=0puD
-----END PGP SIGNATURE-----


Reply to: