Thank you for reading the LinuxSecurity Linux Advisory Watch newsletter!
This week, important updates have been issued for the Linux kernel, apache2 and file-roller.
We recommend that you visit our Advisories page frequently to see the latest security advisories that have been issued by your Linux distro(s). We also now offer the ability to personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select.
On behalf of the LinuxSecurity.com administrative team, I would like to extend a warm welcome to our newly redesigned site!
Yours in Open Source,
Linux Kernel
apache2

The Discovery
Several vulnerabilities have been found in the Apache HTTP server, including a MergeSlashes regression (CVE-2021-30641), a NULL pointer dereference on specially crafted HTTP/2 requests (CVE-2021-31618), a mod_proxy NULL pointer dereference (CVE-2020-13950), a single zero byte stack overflow in mod_auth_digest (CVE-2020-35452), a mod_session NULL pointer dereference in parser (CVE-2021-26690) and a heap overflow in mod_session (CVE-2021-26691).

The Impact
These bugs could result in denial of service (DoS) and possible execution of arbitrary code.

The Fix
We recommend that apache2 users upgrade their apache2 packages as soon as possible. In general, a standard system update will make all the necessary changes.
file-roller