Apache HTTP Server - Announce

This forum is an archive for the mailing list announce@httpd.Apache.Org (more options) Messages posted here will be sent to this mailing list.
123
Topics (103)
Replies Last Post Views
CVE-2018-11763: mod_http2, DoS via continuous SETTINGS frames by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
[ANNOUNCEMENT] Apache HTTP Server 2.4.35 Released by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2018-8011: Apache HTTP Server mod_md DoS by Mark Cox
0
by Mark Cox
CVE-2018-1333: Apache HTTP Server HTTP/2 DoS by Mark Cox
0
by Mark Cox
[ANNOUNCEMENT] Apache HTTP Server 2.4.34 Released by Jim Jagielski-2
0
by Jim Jagielski-2
CVE-2018-1303: Possible out of bound read in mod_cache_socache by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2018-1301: Possible out of bound access after failure in reading the HTTP request by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2018-1312: Weak Digest auth nonce generation in mod_auth_digest by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2018-1283: Tampering of mod_session data for CGI applications by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2017-15715: <FilesMatch> bypass with a trailing newline in the file name by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2018-1302: Possible write of after free on HTTP/2 stream shutdown by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2017-15710: Out of bound write in mod_authnz_ldap when using too small Accept-Language values by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
[ANNOUNCEMENT] Apache HTTP Server 2.4.33 Released by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
Apache HTTP Server 2.4.29 Released by Jim Jagielski-2
0
by Jim Jagielski-2
[Announcement] Apache HTTP Server 2.4.28 Released by William A. Rowe Jr.-...
0
by William A. Rowe Jr.-...
CVE-2017-9788: Uninitialized memory reflection in mod_auth_digest by William A. Rowe Jr.-...
0
by William A. Rowe Jr.-...
CVE-2017-9789: Apache httpd 2.4 Read after free in mod_http2 by William A. Rowe Jr.-...
0
by William A. Rowe Jr.-...
[Announcement] Apache HTTP Server 2.2.34 Released by William A. Rowe Jr.-...
0
by William A. Rowe Jr.-...
[ANNOUNCEMENT] Apache HTTP Server 2.4.27 Released by Jim Jagielski-2
0
by Jim Jagielski-2
[SECURITY] CVE-2017-7679: mod_mime buffer overread by Jacob Champion-3
0
by Jacob Champion-3
[SECURITY] CVE-2017-7668: ap_find_token buffer overread by Jacob Champion-3
0
by Jacob Champion-3
[SECURITY] CVE-2017-7659: mod_http2 null pointer dereference by Jacob Champion-3
0
by Jacob Champion-3
[SECURITY] CVE-2017-3169: mod_ssl null pointer dereference by Jacob Champion-3
0
by Jacob Champion-3
[SECURITY] CVE-2017-3167: ap_get_basic_auth_pw authentication bypass by Jacob Champion-3
0
by Jacob Champion-3
Apache HTTP Server 2.4.26 Released by Jim Jagielski-2
0
by Jim Jagielski-2
Apache HTTP Server 2.4.25 Released by Jacob Champion-3
0
by Jacob Champion-3
CVE-2016-8740, Server memory can be exhausted and service denied when HTTP/2 is used by icing
0
by icing
CVE-2016-4979: HTTPD webserver - X509 Client certificate based authentication can be bypassed when HTTP/2 is used [vs] by Dirk-Willem van Guli...
0
by Dirk-Willem van Guli...
Apache HTTP Server 2.4.23 Released by Jim Jagielski-2
0
by Jim Jagielski-2
Apache HTTP Server 2.4.20 Released by Jim Jagielski-2
0
by Jim Jagielski-2
[ANNOUNCEMENT] Apache HTTP Server 2.4.18 Released by Jim Jagielski-2
0
by Jim Jagielski-2
[ANNOUNCEMENT] Apache HTTP Server 2.4.18 Released by Jim Jagielski-2
0
by Jim Jagielski-2
[ANNOUNCEMENT] Apache HTTP Server 2.4.17 Released by Jim Jagielski-2
0
by Jim Jagielski-2
[ANNOUNCEMENT] Apache HTTP Server 2.4.16 Released by Jim Jagielski-2
0
by Jim Jagielski-2
[Announce] Apache HTTP Server 2.2.29 Released by William A. Rowe Jr.-...
0
by William A. Rowe Jr.-...
123