Fedora 32: libmodsecurity FEDORA-2020-1b5b3b465d

    Date 29 Mar 2020
    368
    Posted By LinuxSecurity Advisories
    Fix DoS vulnerability (CVE-2019-19886, RHBZ #1801720 / #1801719)
    --------------------------------------------------------------------------------
    Fedora Update Notification
    FEDORA-2020-1b5b3b465d
    2020-03-30 00:14:49.921327
    --------------------------------------------------------------------------------
    
    Name        : libmodsecurity
    Product     : Fedora 32
    Version     : 3.0.3
    Release     : 6.fc32
    URL         : https://www.modsecurity.org/
    Summary     : A library that loads/interprets rules written in the ModSecurity SecRules
    Description :
    Libmodsecurity is one component of the ModSecurity v3 project.
    The library codebase serves as an interface to ModSecurity Connectors
    taking in web traffic and applying traditional ModSecurity processing.
    In general, it provides the capability to load/interpret rules written
    in the ModSecurity SecRules format and apply them to HTTP content provided
    by your application via Connectors.
    
    --------------------------------------------------------------------------------
    Update Information:
    
    Fix DoS vulnerability (CVE-2019-19886, RHBZ #1801720 / #1801719)
    --------------------------------------------------------------------------------
    ChangeLog:
    
    * Sat Mar 21 2020 Othman Madjoudj  - 3.0.3-6
    - Fix DoS vulnerability (CVE-2019-19886, RHBZ #1801720 / #1801719)
    --------------------------------------------------------------------------------
    References:
    
      [ 1 ] Bug #1801719 - CVE-2019-19886 libmodsecurity: denial of service in Transaction::addRequestHeader in transaction.cc [fedora-all]
            https://bugzilla.redhat.com/show_bug.cgi?id=1801719
      [ 2 ] Bug #1801720 - CVE-2019-19886 libmodsecurity: denial of service in Transaction::addRequestHeader in transaction.cc [epel-7]
            https://bugzilla.redhat.com/show_bug.cgi?id=1801720
    --------------------------------------------------------------------------------
    
    This update can be installed with the "dnf" update program. Use
    su -c 'dnf upgrade --advisory FEDORA-2020-1b5b3b465d' at the command
    line. For more information, refer to the dnf documentation available at
    https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
    
    All packages are signed with the Fedora Project GPG key. More details on the
    GPG keys used by the Fedora Project can be found at
    https://fedoraproject.org/keys
    --------------------------------------------------------------------------------
    _______________________________________________
    package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it.
    To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it.
    Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
    List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
    List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it.
    

    LinuxSecurity Poll

    Have you ever used tcpdump for network troubleshooting or debugging?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /main-polls/36-have-you-ever-used-tcpdump-for-network-troubleshooting-or-debugging?task=poll.vote&format=json
    36
    radio
    [{"id":"125","title":"Yes","votes":"36","type":"x","order":"1","pct":80,"resources":[]},{"id":"126","title":"No ","votes":"9","type":"x","order":"2","pct":20,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.