- Committer: Bazaar Package Importer
- Date: 2007-10-18 14:10:13 UTC
- Revision ID: james.westby@ubuntu.com-20071018141013-zyodn3h30ozot7tn
* SECURITY UPDATE: denial of service via multiple HTTPS redirects
* debian/patches/29_SECURITY_LP153697.dpatch: set SSL context and SSL
connection to NULL in np_net_ssl_cleanup()
* SECURITY UPDATE: denial of service via multiple redirects
* debian/patches/30_SECURITY_LP153703.dpatch: fix off-by-one error to
re-allocate the proper amount of memory in redir()
* SECURITY UPDATE: denial of service and possible arbitrary code execution
as the user in check_http.c via crafted Location Header
* debian/patches/CVE-2007-5198.dpatch: previous patch was not complete.
Patch now reworked to properly validate Location header in redir().
* References
LP: #153697
LP: #153703
CVE-2007-5198
LP: #152624
* debian/patches/29_SECURITY_LP153697.dpatch: set SSL context and SSL
connection to NULL in np_net_ssl_cleanup()
* SECURITY UPDATE: denial of service via multiple redirects
* debian/patches/30_SECURITY_LP153703.dpatch: fix off-by-one error to
re-allocate the proper amount of memory in redir()
* SECURITY UPDATE: denial of service and possible arbitrary code execution
as the user in check_http.c via crafted Location Header
* debian/patches/CVE-2007-5198.dpatch: previous patch was not complete.
Patch now reworked to properly validate Location header in redir().
* References
LP: #153697
LP: #153703
CVE-2007-5198
LP: #152624
| Filename | Latest Rev | Last Changed | Committer | Comment | Size | ||
|---|---|---|---|---|---|---|---|
 ..
|
|||||||
fedora
|
1.1.3 | 17 years ago | Bazaar Package Importer | Import upstream version 1.4.3 |
|
||
|
redhat
|
1.1.2 | 18 years ago | Bazaar Package Importer | Import upstream version 1.4.2 |
|
||
|
solaris
|
1.1.1 | 16 years ago | Bazaar Package Importer | Import upstream version 1.4 |
|
||