Package : apache2 Version : 2.2.16-6+squeeze15 CVE ID : CVE-2015-3183 A vulnerability has been found in the Apache HTTP Server. CVE-2015-3183 Apache HTTP Server did not properly parse chunk headers, which allowed remote attackers to conduct HTTP request smuggling via a crafted request. This flaw relates to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c. For the squeeze distribution, these issues have been fixed in version 2.2.16-6+squeeze15 of apache2. We recommend you to upgrade your apache2 packages.
Attachment:
signature.asc
Description: Digital signature