meta-openembedded

mirrors/meta-openembedded

Fork 0

mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-14 17:59:59 +00:00

Commit Graph

Author	SHA1	Message	Date
Mingli Yu	de6d776d80	apache2: Fix CVE-2018-11763 mod_http2: connection IO event handling reworked. Instead of reacting on incoming bytes, the state machine now acts on incoming frames that are affecting it. This reduces state transitions. Reference: https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-11763.html Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>	2018-11-15 13:18:50 -08:00
Yi Zhao	3dc82fc2eb	apache2: upgrade 2.4.33 -> 2.4.34 Security fixes: CVE-2018-8011 mod_md: DoS via Coredumps on specially crafted requests CVE-2018-1333 mod_http2: DoS for HTTP/2 connections by specially crafted requests Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>	2018-07-27 13:49:48 -07:00

Author

SHA1

Message

Date

Mingli Yu

de6d776d80

apache2: Fix CVE-2018-11763

mod_http2: connection IO event handling reworked.
Instead of reacting on incoming bytes, the state
machine now acts on incoming frames that are affecting
it. This reduces state transitions.

Reference: https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-11763.html

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>

2018-11-15 13:18:50 -08:00

Yi Zhao

3dc82fc2eb

apache2: upgrade 2.4.33 -> 2.4.34

Security fixes:

CVE-2018-8011
mod_md: DoS via Coredumps on specially crafted requests

CVE-2018-1333
mod_http2: DoS for HTTP/2 connections by specially crafted requests

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>

2018-07-27 13:49:48 -07:00

2 Commits