Apache HTTP Server - Announce

This forum is an archive for the mailing list announce@httpd.Apache.Org (more options) Messages posted here will be sent to this mailing list.
1234
Topics (121)
Replies Last Post Views
CVE-2020-11993: Push Diary Crash on Specifically Crafted HTTP/2 Header by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2020-11985: CWE-345: Insufficient verification of data authenticity by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2020-11984: mod_uwsgi buffer overlow by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
[ANNOUNCEMENT] Apache HTTP Server 2.4.46 Released by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2020-9490: Push Diary Crash on Specifically Crafted HTTP/2 Header by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
[ANNOUNCEMENT] Apache HTTP Server 2.4.41 Released by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2019-9517: mod_http2, DoS attack by exhausting h2 workers by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2019-10098: mod_rewrite configurations vulnerable to open redirect by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2019-10097: mod_remoteip stack buffer overflow and NULL pointer dereference by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2019-10092: Limited cross-site scripting in mod_proxy by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2019-10082: mod_http2, read-after-free in h2 connection shutdown by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2019-10081: mod_http2, memory corruption on early pushes by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
[ANNOUNCEMENT] Apache HTTP Server 2.4.39 Released by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
[ANNOUNCEMENT] Apache HTTP Server 2.4.38 Released by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2019-0190: mod_ssl 2.4.37 remote DoS when used with OpenSSL 1.1.1 by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2018-17199: mod_session_cookie does not respect expiry time by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2018-17189: mod_http2, DoS via slow, unneeded request bodies by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
[ANNOUNCEMENT] Apache HTTP Server 2.4.37 Released by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2018-11763: mod_http2, DoS via continuous SETTINGS frames by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
[ANNOUNCEMENT] Apache HTTP Server 2.4.35 Released by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2018-8011: Apache HTTP Server mod_md DoS by Mark Cox
0
by Mark Cox
CVE-2018-1333: Apache HTTP Server HTTP/2 DoS by Mark Cox
0
by Mark Cox
[ANNOUNCEMENT] Apache HTTP Server 2.4.34 Released by Jim Jagielski-2
0
by Jim Jagielski-2
CVE-2018-1303: Possible out of bound read in mod_cache_socache by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2018-1301: Possible out of bound access after failure in reading the HTTP request by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2018-1312: Weak Digest auth nonce generation in mod_auth_digest by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2018-1283: Tampering of mod_session data for CGI applications by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2017-15715: <FilesMatch> bypass with a trailing newline in the file name by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2018-1302: Possible write of after free on HTTP/2 stream shutdown by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
CVE-2017-15710: Out of bound write in mod_authnz_ldap when using too small Accept-Language values by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
[ANNOUNCEMENT] Apache HTTP Server 2.4.33 Released by Daniel Ruggeri-2
0
by Daniel Ruggeri-2
Apache HTTP Server 2.4.29 Released by Jim Jagielski-2
0
by Jim Jagielski-2
[Announcement] Apache HTTP Server 2.4.28 Released by William A. Rowe Jr.-...
0
by William A. Rowe Jr.-...
CVE-2017-9788: Uninitialized memory reflection in mod_auth_digest by William A. Rowe Jr.-...
0
by William A. Rowe Jr.-...
CVE-2017-9789: Apache httpd 2.4 Read after free in mod_http2 by William A. Rowe Jr.-...
0
by William A. Rowe Jr.-...
1234