What Are You Looking For?

Sign Up
MGASA-2018-0430 - Updated lighttpd packages fix security vulnerabilities

Publication date: 03 Nov 2018
URL: https://advisories.mageia.org/MGASA-2018-0430.html
Type: security
Affected Mageia releases: 6

Updated lighttpd package fixes security vulnerabilities:

Potential path traversal with specific configs or in some use cases
in mod_alias.

use-after-free invalid Range requests in core.

Process headers after combining folded headers in core.

Skip username "." and ".." in mod_userdir.

References:
- https://bugs.mageia.org/show_bug.cgi?id=23443
- https://www.lighttpd.net/2018/8/13/1.4.50/
- https://www.lighttpd.net/2018/10/14/1.4.51/

SRPMS:
- 6/core/lighttpd-1.4.51-1.mga6

Mageia 2018-0430: lighttpd security update

Updated lighttpd package fixes security vulnerabilities: Potential path traversal with specific configs or in some use cases in mod_alias

Summary

References

- https://bugs.mageia.org/show_bug.cgi?id=23443

- https://www.lighttpd.net/2018/8/13/1.4.50/

- https://www.lighttpd.net/2018/10/14/1.4.51/

Resolution

MGASA-2018-0430 - Updated lighttpd packages fix security vulnerabilities

SRPMS

- 6/core/lighttpd-1.4.51-1.mga6

Severity
Publication date: 03 Nov 2018
URL: https://advisories.mageia.org/MGASA-2018-0430.html
Type: security

Related News

Kubernetes Security on AWS: A Practical Guide

Nov 18, 2023

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Nov 28, 2023

Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

Nov 25, 2023

Severe Firefox, Thunderbird Bugs Could Lead to System Takeover

Dec 2, 2023

News

Advisories

HOWTOs

Features

Using Open Source to Ensure Compliance & Data Integrity through Data Governance
Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!
Unlocking the Future of Authentication: Passkeys vs. Passwords
Empowering MSPs with Straightforward Linux Device Management
A Complete Guide to Torrenting Safely in 2024

About Us

Powered By

Footer Logo