[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 4294-1] modsecurity-apache security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4294-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                          Adrian Bunk
September 07, 2025                            https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : modsecurity-apache
Version        : 2.9.3-3+deb11u5
CVE ID         : CVE-2025-54571
Debian Bug     : 1110480

Cross-site scripting due to insufficient return value handling has been 
fixed in modsecurity-apache, a module for the Apache webserver to 
tighten Web application security.

For Debian 11 bullseye, this problem has been fixed in version
2.9.3-3+deb11u5.

We recommend that you upgrade your modsecurity-apache packages.

For the detailed security status of modsecurity-apache please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/modsecurity-apache

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmi9eNQACgkQiNJCh6LY
mLFx8g/+PwMX95rwqr3miVrOYXgtwccVr1zvZbYmm5USXhlpnZ+5xtJZPVxgw2ak
M0YYFKZrx7RZ25Yr+etfGBiwlZhyaD9fAJVcXbK25Ex0gYXWGo+tWoJkteJXW97/
dTTO8xdQ4SYQhIxihMT615wEHR+V0HAEFvwdiuZK1IwFFQvQh+3+TQyvPeZvTi67
QOT0O28dOD7FPqUMTs4wJx9fhGBtj0GgYq30cYbteIAZ8DVe0Ml9P7Cu9ATTe6/9
X1/Ga0aA6ID54o+TEi7KuI6UzbLkC9VkKyw6EANexcalqxWZS7u/R/+4zZDffCVT
WannXRy5G5eg4IznWTKD5yKUhkWlSh2sT02l6S+m+StAnScYQy8Pmb4XlkC1GeNo
CMQZpk759YgNlx7fa68EEpxANOERiiZ2piCGi9kxOR/esq9LBPvCH6M43IaRqEdB
tbuqs72v5Bf07XIJcElXXrsFsstHUdvmAo6RWDt9XFVzWUD1luAWbQ3a+biV4OOQ
BGeVty5kltjteBBaMMIwHKkDChcP6wtzEBu0TJ7i8dj3noE1eH5T+/otqxkB3PxT
8hyfTq7Rn7yE7dMaLUMs9PbKNs9g9s2XYQV4BwXy8f+6JgMY4UpAAmbDqMgC0fPu
WH24cDRPvd+ZxGfziZXRd66WQefp5/Oa99pcrJaSvo6ttbAaoWU=
=/5us
-----END PGP SIGNATURE-----
Reply to: