[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 284-1] apache2 security update

Package        : apache2
Version        : 2.2.16-6+squeeze15
CVE ID         : CVE-2015-3183

A vulnerability has been found in the Apache HTTP Server.


    Apache HTTP Server did not properly parse chunk headers, which
    allowed remote attackers to conduct HTTP request smuggling via a
    crafted request. This flaw relates to mishandling of large
    chunk-size values and invalid chunk-extension characters in

For the squeeze distribution, these issues have been fixed in version
2.2.16-6+squeeze15 of apache2.

We recommend you to upgrade your apache2 packages.

Attachment: signature.asc
Description: Digital signature

Reply to: