Ubuntu 5563-1: http-parser vulnerability | LinuxSecurity.com
==========================================================================
Ubuntu Security Notice USN-5563-1
August 10, 2022

http-parser vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

http-parser could be made to expose sensitive data if it received
a specially crafted request.

Software Description:
- http-parser: parser for HTTP messages: development libraries and header files

Details:

It was discovered that http-parser incorrectly handled certain requests.
An attacker could possibly use this issue to bypass security controls or
gain unauthorized access to sensitive data.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  libhttp-parser2.7.1             2.7.1-2ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-5563-1
  CVE-2020-8287

Package Information:
  https://launchpad.net/ubuntu/+source/http-parser/2.7.1-2ubuntu0.1

Ubuntu 5563-1: http-parser vulnerability

August 10, 2022

Summary

A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS Summary: http-parser could be made to expose sensitive data if it received a specially crafted request. Software Description: - http-parser: parser for HTTP messages: development libraries and header files Details: It was discovered that http-parser incorrectly handled certain requests. An attacker could possibly use this issue to bypass security controls or gain unauthorized access to sensitive data.

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: libhttp-parser2.7.1 2.7.1-2ubuntu0.1 In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-5563-1

CVE-2020-8287

Severity
Ubuntu Security Notice USN-5563-1

Package Information

https://launchpad.net/ubuntu/+source/http-parser/2.7.1-2ubuntu0.1

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.