Stay Secure with the Latest Linux Advisories



Explore Latest Linux Security advisories


Ubuntu 20.04 curl Critical Authentication Issues USN-8099-1 CVE-2026-1965

==========================================================================
Ubuntu Security Notice USN-8099-1
March 16, 2026

curl vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in curl.

Software Description:

- curl: HTTP, HTTPS, and FTP client and client libraries

Details:

Zhicheng Chen discovered that curl could incorrectly reuse the wrong connection for Negotiate-authenticated HTTP or HTTPS requests. This could result in the use of credentials from a different connection, contrary to expectations. This issue only affected Ubuntu 20.04 LTS. (CVE-2026-1965)

It was discovered that curl incorrectly leaked OAuth2 bearer tokens when following a redirect. This could result in tokens being sent to the wrong host, contrary to expectations. This issue only affected Ubuntu 20.04 LTS. (CVE-2026-3783)

Muhamad Arga Reksapati discovered that curl incorrectly reused existing HTTP proxy connections even if the request used different credentials. This could result in the use of incorrect credentials, contrary to expectations. (CVE-2026-3784)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS
  curl             7.68.0-1ubuntu2.25+esm3   Available with Ubuntu Pro
  libcurl3-gnutls  7.68.0-1ubuntu2.25+esm3   Available with Ubuntu Pro
  libcurl3-nss     7.68.0-1ubuntu2.25+esm3   Available with Ubuntu Pro
  libcurl4         7.68.0-1ubuntu2.25+esm3   Available with Ubuntu Pro

Ubuntu 18.04 LTS
  curl             7.58.0-2ubuntu3.24+esm8   Available with Ubuntu Pro
  libcurl3-gnutls  7.58.0-2ubuntu3.24+esm8   Available with Ubuntu Pro
  libcurl3-nss     7.58.0-2ubuntu3.24+esm8   Available with Ubuntu Pro
  libcurl4         7.58.0-2ubuntu3.24+esm8   Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-8099-1
  CVE-2026-1965, CVE-2026-3783, CVE-2026-3784

Several critical security issues were fixed in curl for Ubuntu 20.04 and 18.04; all three could lead to credentials or tokens being used for, or sent to, the wrong party. Severity: Critical. LinuxSecurity.com Team
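Two of the three curl issues above (CVE-2026-1965 and CVE-2026-3784) have the same shape: a pooled connection is looked up by destination only, even though the connection itself is already bound to a principal. Negotiate authenticates the TCP connection rather than each request, and a proxy connection was opened with one particular set of proxy credentials, so handing that socket to a request made with different credentials lets the second request act as the first user. The following Python model is an added example written for this page, not curl's code; the class and field names are the example's own, and the hosts and identities are constructed.

```python
"""Connection-pool reuse keyed on the credentials a connection was bound to.

Added illustration (not curl's code) of the reuse bugs in USN-8099-1 and of
the fix: make the proxy and the authenticated identity part of the pool key.
"""
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class Connection:
    host: str
    port: int
    proxy: Optional[str]            # proxy the socket was opened through, if any
    bound_identity: Optional[str]   # principal that connection-level auth bound to this socket
    in_use: bool = False


class DestinationKeyedPool:
    """Pre-fix behaviour: idle connections are reused by (host, port) alone."""

    def __init__(self) -> None:
        self._idle: Dict[Tuple, List[Connection]] = defaultdict(list)

    def key(self, host: str, port: int, proxy: Optional[str], identity: Optional[str]) -> Tuple:
        return (host, port)

    def acquire(self, host: str, port: int, proxy: Optional[str] = None,
                identity: Optional[str] = None) -> Connection:
        idle = self._idle[self.key(host, port, proxy, identity)]
        if idle:
            conn = idle.pop()            # reused: keeps whatever identity it was bound to
        else:
            conn = Connection(host, port, proxy, identity)   # new socket, authenticated as `identity`
        conn.in_use = True
        return conn

    def release(self, conn: Connection) -> None:
        conn.in_use = False
        self._idle[self.key(conn.host, conn.port, conn.proxy, conn.bound_identity)].append(conn)


class CredentialKeyedPool(DestinationKeyedPool):
    """Fixed behaviour: the proxy and the bound identity are part of the key,
    so a request can only pick up a connection authenticated as itself."""

    def key(self, host: str, port: int, proxy: Optional[str], identity: Optional[str]) -> Tuple:
        return (host, port, proxy, identity)


def identity_seen_by_server(pool: DestinationKeyedPool, first: dict, second: dict) -> Optional[str]:
    """Issue `first`, return its connection to the pool, then issue `second`;
    report which principal the second request's connection is bound to."""
    conn = pool.acquire(**first)
    pool.release(conn)
    return pool.acquire(**second).bound_identity


# Constructed requests: two users against one origin (Negotiate case), then
# two proxy credentials through one proxy (proxy-reuse case).
ALICE = dict(host="intranet.example.test", port=443, proxy=None, identity="alice@EXAMPLE")
BOB = dict(host="intranet.example.test", port=443, proxy=None, identity="bob@EXAMPLE")
PROXY_A = dict(host="www.example.test", port=80, proxy="proxy.example.test:3128", identity="proxyuser-a")
PROXY_B = dict(host="www.example.test", port=80, proxy="proxy.example.test:3128", identity="proxyuser-b")

if __name__ == "__main__":
    print("unfixed, Negotiate:", identity_seen_by_server(DestinationKeyedPool(), ALICE, BOB))
    print("fixed,   Negotiate:", identity_seen_by_server(CredentialKeyedPool(), ALICE, BOB))
    print("unfixed, proxy    :", identity_seen_by_server(DestinationKeyedPool(), PROXY_A, PROXY_B))
    print("fixed,   proxy    :", identity_seen_by_server(CredentialKeyedPool(), PROXY_A, PROXY_B))
```

With the destination-only key, Bob's request is served on a socket the server has already authenticated as Alice; with the credential-aware key, Bob gets a fresh connection and authenticates as himself. The same reasoning applies to any connection-oriented authentication (NTLM as well as Negotiate) and to CONNECT tunnels through an authenticated proxy.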

Posted Mar 16, 2026 | Critical | Ubuntu

SUSE Linux Micro 6.0: 2025:20037-1 moderate: python-urllib3 fix

# Security update for python-urllib3

Announcement ID: SUSE-SU-2025:20037-1
Release Date: 2025-02-03T08:53:14Z
Rating: moderate
References:
  * bsc#1226469
Cross-References:
  * CVE-2024-37891
CVSS scores:
  * CVE-2024-37891 ( SUSE ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
Affected Products:
  * SUSE Linux Micro 6.0

An update that solves one vulnerability can now be installed.

## Description:

This update for python-urllib3 fixes the following issues:

  * CVE-2024-37891: Fixed issue where the Proxy-Authorization request header was not stripped during cross-origin redirects (bsc#1226469)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

  * SUSE Linux Micro 6.0
    zypper in -t patch SUSE-SLE-Micro-6.0-36=1

## Package List:

  * SUSE Linux Micro 6.0 (noarch)
    * python311-urllib3-2.1.0-2.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-37891.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1226469

Patch for python-urllib3 on SUSE Linux Micro 6.0 closing a Proxy-Authorization header leak on cross-origin redirects. This advisory has a moderate security rating. LinuxSecurity.com Team

Posted Jun 04, 2025 | SuSE

openSUSE: 2025:0873-1 moderate: amazon-ssm-agent Advisory Security Update

# Security update for amazon-ssm-agent

Announcement ID: SUSE-SU-2025:0873-1
Release Date: 2025-03-14T12:51:03Z
Rating: moderate
References:
  * bsc#1238702
Cross-References:
  * CVE-2025-22870
CVSS scores:
  * CVE-2025-22870 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N
  * CVE-2025-22870 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
Affected Products:
  * openSUSE Leap 15.6
  * Public Cloud Module 15-SP3
  * Public Cloud Module 15-SP4
  * Public Cloud Module 15-SP5
  * Public Cloud Module 15-SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.2
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.2
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.2
  * SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for amazon-ssm-agent fixes the following issues:

  * CVE-2025-22870: golang.org/x/net/proxy: Fixed proxy bypass using IPv6 zone IDs (bsc#1238702)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6
    zypper in -t patch openSUSE-SLE-15.6-2025-873=1
  * Public Cloud Module 15-SP3
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2025-873=1
  * Public Cloud Module 15-SP4
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2025-873=1
  * Public Cloud Module 15-SP5
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2025-873=1
  * Public Cloud Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2025-873=1

## Package List:

  * openSUSE Leap 15.6 (aarch64 x86_64)
    * amazon-ssm-agent-3.3.1611.0-150000.5.23.1
  * Public Cloud Module 15-SP3 (aarch64 x86_64)
    * amazon-ssm-agent-3.3.1611.0-150000.5.23.1
  * Public Cloud Module 15-SP4 (aarch64 x86_64)
    * amazon-ssm-agent-3.3.1611.0-150000.5.23.1
  * Public Cloud Module 15-SP5 (aarch64 x86_64)
    * amazon-ssm-agent-3.3.1611.0-150000.5.23.1
  * Public Cloud Module 15-SP6 (aarch64 x86_64)
    * amazon-ssm-agent-3.3.1611.0-150000.5.23.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-22870.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1238702

Update for amazon-ssm-agent on openSUSE Leap 15.6 and the SUSE Linux Enterprise 15 product line addressing a moderate-severity proxy bypass in the bundled golang.org/x/net/proxy package. LinuxSecurity.com Team
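The one-line description above ("proxy bypass using IPv6 zone IDs") hides a general lesson about NO_PROXY matching: a bracketed IPv6 literal may carry a zone ID after `%` (in a URL usually encoded as `%25`), and if that zone text is still attached when the host is compared against suffix patterns, the zone can be chosen so the literal looks like a matching domain and the request silently skips the proxy. The Python below is an added example for this page, not the golang.org/x/net/proxy code the update patches; the `[::1%25.example.com]` against `*.example.com` case is the example's own reconstruction of that bug class, and the hosts are constructed.

```python
"""NO_PROXY matching that is not fooled by an IPv6 zone ID.

Added illustration in Python (not the golang.org/x/net/proxy code).  The zone
ID is transport-local metadata; it must be removed before the host is matched
against NO_PROXY patterns, otherwise it becomes attacker-chosen "hostname".
"""
from urllib.parse import unquote


def canonical_host(host: str, drop_zone: bool = True) -> str:
    """Normalise a host as it appears in a URL authority: strip brackets,
    decode '%25' to '%', and (when drop_zone) remove an IPv6 zone ID."""
    h = unquote(host.strip().strip("[]"))
    if drop_zone and ":" in h:          # only IPv6 literals carry zone IDs
        h = h.split("%", 1)[0]
    return h.lower()


def matches_pattern(host: str, pattern: str) -> bool:
    """One NO_PROXY entry: '*', '*.suffix', '.suffix', or an exact host/IP."""
    pattern = pattern.lower()
    if pattern == "*":
        return True
    if pattern.startswith("*."):
        return host.endswith(pattern[1:])            # '*.example.com' -> '.example.com'
    if pattern.startswith("."):
        return host.endswith(pattern) or host == pattern[1:]
    return host == pattern


def bypasses_proxy(host: str, no_proxy: str, drop_zone: bool = True) -> bool:
    """True when `host` should be contacted directly according to `no_proxy`.
    drop_zone=False reproduces the vulnerable behaviour for comparison."""
    h = canonical_host(host, drop_zone)
    return any(matches_pattern(h, p.strip()) for p in no_proxy.split(",") if p.strip())


# Constructed inputs: an internal-only NO_PROXY list and a crafted IPv6 literal
# whose zone ID spells a matching suffix.
NO_PROXY = "localhost,*.example.com,10.0.0.5"
CRAFTED = "[::1%25.example.com]"

if __name__ == "__main__":
    print("vulnerable matching, crafted host bypasses proxy:", bypasses_proxy(CRAFTED, NO_PROXY, drop_zone=False))
    print("fixed matching, crafted host bypasses proxy:     ", bypasses_proxy(CRAFTED, NO_PROXY))
    print("ordinary internal host still bypasses proxy:     ", bypasses_proxy("api.example.com", NO_PROXY))
```

The vulnerable path decodes the crafted host to `::1%.example.com`, which ends in `.example.com` and so matches; the fixed path compares `::1` and correctly routes the request through the proxy. The same canonicalisation step belongs in front of any allow-list that is keyed on hostnames (SSRF filters, egress policies), not only NO_PROXY.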

Posted Mar 14, 2025 | OpenSUSE

SUSE: 2023:2883-1 Moderate: Proxy-Authorization Header Leak

# Security update for python3-requests

Announcement ID: SUSE-SU-2023:2883-1
Rating: moderate
References:
  * bsc#1211674
Cross-References:
  * CVE-2023-32681
CVSS scores:
  * CVE-2023-32681 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
  * CVE-2023-32681 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
Affected Products:
  * SUSE Linux Enterprise High Performance Computing 12 SP5
  * SUSE Linux Enterprise Server 12 SP5
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5
  * SUSE Linux Enterprise Software Development Kit 12 SP5
  * SUSE Linux Enterprise Workstation Extension 12 12-SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for python3-requests fixes the following issues:

  * CVE-2023-32681: Fixed unintended leak of Proxy-Authorization header (bsc#1211674).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Software Development Kit 12 SP5
    zypper in -t patch SUSE-SLE-SDK-12-SP5-2023-2883=1
  * SUSE Linux Enterprise High Performance Computing 12 SP5
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-2883=1
  * SUSE Linux Enterprise Server 12 SP5
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-2883=1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-2883=1
  * SUSE Linux Enterprise Workstation Extension 12 12-SP5
    zypper in -t patch SUSE-SLE-WE-12-SP5-2023-2883=1

## Package List:

  * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch)
    * python3-requests-2.24.0-8.17.1
  * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
    * python3-requests-2.24.0-8.17.1
  * SUSE Linux Enterprise Server 12 SP5 (noarch)
    * python3-requests-2.24.0-8.17.1
  * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch)
    * python3-requests-2.24.0-8.17.1
  * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (noarch)
    * python3-requests-2.24.0-8.17.1

## References:

  * https://www.suse.com/security/cve/CVE-2023-32681.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1211674

This python3-requests patch closes a Proxy-Authorization header leak across the listed SUSE Linux Enterprise 12 SP5 products. LinuxSecurity.com Team
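Three advisories on this page are instances of one rule for redirect handling: urllib3 (CVE-2024-37891, above) and requests (CVE-2023-32681, here) forwarded Proxy-Authorization when a redirect was followed, and curl (CVE-2026-3783, in the Ubuntu notice at the top) forwarded an OAuth2 bearer token to the host a redirect pointed at. Origin credentials (Authorization, Cookie) are valid only for the origin they were issued to, and proxy credentials belong to the transport hop, not to the request, so a rebuilt request should never inherit them. The code below is an added example written for this page, not the code of urllib3, requests or curl; the header names are the standard ones and the URLs and credential values are constructed.

```python
"""Rebuilding headers for a redirected request without leaking credentials.

Added illustration, not library code.  Rule: origin credentials survive only a
same-origin redirect (same scheme, host and port); proxy credentials never
survive, because the proxy layer chooses and authenticates the hop for the new
target separately.
"""
from typing import Dict, Tuple
from urllib.parse import urljoin, urlsplit

ORIGIN_CREDENTIAL_HEADERS = {"authorization", "cookie"}
PROXY_CREDENTIAL_HEADERS = {"proxy-authorization"}
DEFAULT_PORTS = {"http": 80, "https": 443}


def origin_of(url: str) -> Tuple[str, str, int]:
    """(scheme, host, port) with default ports filled in, so that
    'https://h/' and 'https://h:443/' compare equal and 'http://h/' does not."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    port = parts.port if parts.port is not None else DEFAULT_PORTS.get(scheme, 0)
    return scheme, (parts.hostname or "").lower(), port


def rebuild_for_redirect(request_url: str, location: str,
                         headers: Dict[str, str]) -> Tuple[str, Dict[str, str]]:
    """Return (new_url, headers) for the request that follows a 3xx response."""
    new_url = urljoin(request_url, location)          # Location may be relative
    same_origin = origin_of(request_url) == origin_of(new_url)
    kept: Dict[str, str] = {}
    for name, value in headers.items():
        lname = name.lower()
        if lname in PROXY_CREDENTIAL_HEADERS:
            continue                                  # never carried across a redirect
        if lname in ORIGIN_CREDENTIAL_HEADERS and not same_origin:
            continue                                  # would leak to a different origin
        kept[name] = value
    return new_url, kept


# Constructed original request.
REQUEST_URL = "https://api.example.test/v1/report"
REQUEST_HEADERS = {
    "Authorization": "Bearer constructed-oauth2-token",
    "Proxy-Authorization": "Basic constructed-proxy-credential",
    "Cookie": "session=constructed",
    "Accept": "application/json",
}

if __name__ == "__main__":
    for location in ("/v2/report", "https://cdn.example.test/report", "http://api.example.test/v1/report"):
        url, hdrs = rebuild_for_redirect(REQUEST_URL, location, REQUEST_HEADERS)
        print(f"{url:45} -> {sorted(hdrs)}")
```

The same-host https-to-http case is treated as cross-origin on purpose: a bearer token or cookie that was sent over TLS must not be replayed in clear text just because the host name matched. Proxy-Authorization is dropped unconditionally; if the new target still goes through an authenticated proxy, the proxy layer re-adds the header for that hop.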

Posted Feb 27, 2024 | SuSE

SUSE: 2020:14342-1 Important: Apache2 Security Update Overview

SUSE Security Update: Security update for apache2
______________________________________________________________________________

Announcement ID: SUSE-SU-2020:14342-1
Rating: important
References: #1168404 #1169066
Cross-References: CVE-2020-1934 CVE-2020-1938
Affected Products:
  SUSE Linux Enterprise Server 11-SP4-LTSS
  SUSE Linux Enterprise Point of Sale 11-SP3
  SUSE Linux Enterprise Debuginfo 11-SP4
  SUSE Linux Enterprise Debuginfo 11-SP3
______________________________________________________________________________

An update that fixes two vulnerabilities is now available.

Description:

This update for apache2 fixes the following issues:

- CVE-2020-1934: mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server (bsc#1168404).
- CVE-2020-1938: mod_proxy_ajp: Add "secret" parameter to proxy workers to implement legacy AJP13 authentication (bsc#1169066).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server 11-SP4-LTSS:
  zypper in -t patch slessp4-apache2-14342=1
- SUSE Linux Enterprise Point of Sale 11-SP3:
  zypper in -t patch sleposp3-apache2-14342=1
- SUSE Linux Enterprise Debuginfo 11-SP4:
  zypper in -t patch dbgsp4-apache2-14342=1
- SUSE Linux Enterprise Debuginfo 11-SP3:
  zypper in -t patch dbgsp3-apache2-14342=1

Package List:

- SUSE Linux Enterprise Server 11-SP4-LTSS (i586 ppc64 s390x x86_64):
  apache2-2.2.34-70.27.1
  apache2-doc-2.2.34-70.27.1
  apache2-example-pages-2.2.34-70.27.1
  apache2-prefork-2.2.34-70.27.1
  apache2-utils-2.2.34-70.27.1
  apache2-worker-2.2.34-70.27.1
- SUSE Linux Enterprise Point of Sale 11-SP3 (i586):
  apache2-2.2.34-70.27.1
  apache2-devel-2.2.34-70.27.1
  apache2-doc-2.2.34-70.27.1
  apache2-example-pages-2.2.34-70.27.1
  apache2-prefork-2.2.34-70.27.1
  apache2-utils-2.2.34-70.27.1
  apache2-worker-2.2.34-70.27.1
- SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ppc64 s390x x86_64):
  apache2-debuginfo-2.2.34-70.27.1
  apache2-debugsource-2.2.34-70.27.1
- SUSE Linux Enterprise Debuginfo 11-SP3 (i586 s390x x86_64):
  apache2-debuginfo-2.2.34-70.27.1
  apache2-debugsource-2.2.34-70.27.1

References:
  https://www.suse.com/security/cve/CVE-2020-1934.html
  https://www.suse.com/security/cve/CVE-2020-1938.html
  https://bugzilla.suse.com/1168404
  https://bugzilla.suse.com/1169066

sle-security-updates mailing list
http://lists.suse.com/mailman/listinfo/sle-security-updates

This SUSE security patch for apache2 on SLES 11 fixes two proxy-module issues: uninitialized memory use in mod_proxy_ftp when talking to a malicious FTP server, and the missing "secret" worker parameter that mod_proxy_ajp needs for AJP13 authentication. Severity: Important. LinuxSecurity.com Team

Posted Apr 21, 2020 | Important | SuSE

SUSE: 2019:1789-1 Moderate: Session Issues In SUSE Manager Proxy

SUSE Security Update: Security update for SUSE Manager 4.0 : Server and Proxy
______________________________________________________________________________

Announcement ID: SUSE-SU-2019:1789-1
Rating: moderate
References: #1136476 #1136480 #1136561 #1136857 #1137955 #1138313 #1138358 #1138364 #1139693
Cross-References: CVE-2019-10136 CVE-2019-10137
Affected Products:
  SUSE Linux Enterprise Module for SUSE Manager Server 4.0
  SUSE Linux Enterprise Module for SUSE Manager Proxy 4.0
______________________________________________________________________________

An update that solves two vulnerabilities and has 7 fixes is now available.

Description:

This update fixes the following issues:

spacewalk-backend:
- Do not duplicate "http://" protocol when using proxies with "deb" repositories (bsc#1138313)
- Fix reposync when dealing with RedHat CDN (bsc#1138358)
- Fix for CVE-2019-10136. An attacker with a valid, but expired, authenticated set of headers could move some digits around, artificially extending the session validity without modifying the checksum. (bsc#1136480)

spacewalk-proxy:
- Fix for CVE-2019-10137. A path traversal flaw was found in the way the proxy processes cached client tokens. A remote, unauthenticated, attacker could use this flaw to test the existence of arbitrary files, or if they have access to the proxy's filesystem, execute arbitrary code in the context of the proxy. (bsc#1136476)

spacewalk-web:
- Change WebUI version 4.0.1

susemanager-doc-indexes:
- Updated wording for prometheus section
- Jeos VM update
- Port 8050 for graphical console display
- Content life-cycle docs are not enough for customer to understand (bsc#1137955)
- Salt boot formula fails for SLES11 SP3 terminal (bsc#1136857)
- Certificate verify failed when using vmware esxi virtual host gatherer (bsc#1136561)

susemanager-docs_en:
- Updated wording for prometheus section
- Jeos VM update
- Port 8050 for graphical console display
- Content life-cycle docs are not enough for customer to understand (bsc#1137955)
- Salt boot formula fails for SLES11 SP3 terminal (bsc#1136857)
- Certificate verify failed when using vmware esxi virtual host gatherer (bsc#1136561)

susemanager-sync-data:
- Add channel family definitions for SLES12 SP3 LTSS (bsc#1139693)
- Add OPENSUSE to allowed channel_families to make openSUSE Leap product visible in the product list (bsc#1138364)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Module for SUSE Manager Server 4.0:
  zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.0-2019-1789=1
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.0:
  zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.0-2019-1789=1

Package List:

- SUSE Linux Enterprise Module for SUSE Manager Server 4.0 (noarch):
  python3-spacewalk-backend-libs-4.0.22-3.3.1
  spacewalk-backend-4.0.22-3.3.1
  spacewalk-backend-app-4.0.22-3.3.1
  spacewalk-backend-applet-4.0.22-3.3.1
  spacewalk-backend-config-files-4.0.22-3.3.1
  spacewalk-backend-config-files-common-4.0.22-3.3.1
  spacewalk-backend-config-files-tool-4.0.22-3.3.1
  spacewalk-backend-iss-4.0.22-3.3.1
  spacewalk-backend-iss-export-4.0.22-3.3.1
  spacewalk-backend-package-push-server-4.0.22-3.3.1
  spacewalk-backend-server-4.0.22-3.3.1
  spacewalk-backend-sql-4.0.22-3.3.1
  spacewalk-backend-sql-postgresql-4.0.22-3.3.1
  spacewalk-backend-tools-4.0.22-3.3.1
  spacewalk-backend-xml-export-libs-4.0.22-3.3.1
  spacewalk-backend-xmlrpc-4.0.22-3.3.1
  spacewalk-base-4.0.14-3.3.1
  spacewalk-base-minimal-4.0.14-3.3.1
  spacewalk-base-minimal-config-4.0.14-3.3.1
  spacewalk-html-4.0.14-3.3.1
  susemanager-doc-indexes-4.0-10.3.1
  susemanager-docs_en-4.0-10.3.1
  susemanager-docs_en-pdf-4.0-10.3.1
  susemanager-sync-data-4.0.12-3.3.1
  susemanager-web-libs-4.0.14-3.3.1
- SUSE Linux Enterprise Module for SUSE Manager Proxy 4.0 (noarch):
  python3-spacewalk-backend-libs-4.0.22-3.3.1
  spacewalk-backend-4.0.22-3.3.1
  spacewalk-base-minimal-4.0.14-3.3.1
  spacewalk-base-minimal-config-4.0.14-3.3.1
  spacewalk-proxy-broker-4.0.12-3.3.1
  spacewalk-proxy-common-4.0.12-3.3.1
  spacewalk-proxy-management-4.0.12-3.3.1
  spacewalk-proxy-package-manager-4.0.12-3.3.1
  spacewalk-proxy-redirect-4.0.12-3.3.1
  spacewalk-proxy-salt-4.0.12-3.3.1

References:
  https://www.suse.com/security/cve/CVE-2019-10136.html
  https://www.suse.com/security/cve/CVE-2019-10137.html
  https://bugzilla.suse.com/1136476
  https://bugzilla.suse.com/1136480
  https://bugzilla.suse.com/1136561
  https://bugzilla.suse.com/1136857
  https://bugzilla.suse.com/1137955
  https://bugzilla.suse.com/1138313
  https://bugzilla.suse.com/1138358
  https://bugzilla.suse.com/1138364
  https://bugzilla.suse.com/1139693

sle-security-updates mailing list
http://lists.suse.com/mailman/listinfo/sle-security-updates

The SUSE Manager 4.0 update fixes a session-expiry bypass in spacewalk-backend (CVE-2019-10136) and a path traversal in spacewalk-proxy that can lead to code execution on the proxy (CVE-2019-10137), alongside seven non-security fixes. LinuxSecurity.com Team
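The CVE-2019-10136 description ("move some digits around ... without modifying the checksum") is worth unpacking, because it is a canonicalisation bug rather than a weakness of the hash. One way that sentence can come true: the checksum is an HMAC over the session fields concatenated with no delimiter, so `"1700000000" + "1234"` and `"17000000001" + "234"` are the same byte string; moving one digit from the user id onto the end of the expiry leaves the MAC valid while the parsed expiry grows tenfold. The Python below is an added example for this page; the header names, the field layout and the secret are the example's own guesses at the shape of the bug, not the spacewalk-backend code, and the fix shown (length-prefixed encoding) is one standard remedy.

```python
"""Why a MAC over an ambiguous encoding lets an expired token be 'extended'.

Added illustration; header names, field layout and secret are this example's
own, not spacewalk-backend's.
"""
import hashlib
import hmac
from typing import Callable, Dict, List

SECRET = b"constructed-server-secret"   # constructed; a real service derives and rotates this


def ambiguous_checksum(fields: List[str]) -> str:
    """Vulnerable: fields are joined without a delimiter, so different field
    lists can share one encoding and therefore one MAC."""
    return hmac.new(SECRET, "".join(fields).encode(), hashlib.sha256).hexdigest()


def unambiguous_checksum(fields: List[str]) -> str:
    """Fixed: every field is length-prefixed, so each field list has exactly
    one encoding and moving a digit between fields changes the MAC."""
    encoded = b"".join(f"{len(f)}:{f}".encode() for f in fields)
    return hmac.new(SECRET, encoded, hashlib.sha256).hexdigest()


def issue_headers(user_id: str, expires: int,
                  checksum: Callable[[List[str]], str]) -> Dict[str, str]:
    """Server side: hand the client its session fields plus a checksum over them."""
    exp = str(expires)
    return {"session-expires": exp, "session-user": user_id,
            "session-checksum": checksum([exp, user_id])}


def headers_are_valid(headers: Dict[str, str],
                      checksum: Callable[[List[str]], str], now: int) -> bool:
    """Server side: verify the checksum first, then the expiry."""
    expected = checksum([headers["session-expires"], headers["session-user"]])
    if not hmac.compare_digest(expected, headers["session-checksum"]):
        return False
    return int(headers["session-expires"]) > now


def move_one_digit(headers: Dict[str, str]) -> Dict[str, str]:
    """Attacker step: the first digit of the user id becomes the last digit of
    the expiry.  The concatenation of the two fields does not change."""
    exp, uid = headers["session-expires"], headers["session-user"]
    return {**headers, "session-expires": exp + uid[0], "session-user": uid[1:]}


NOW = 1_800_000_000       # constructed 'current time', later than the token's expiry below

if __name__ == "__main__":
    expired = issue_headers("1234", 1_700_000_000, ambiguous_checksum)
    print("expired token accepted?       ", headers_are_valid(expired, ambiguous_checksum, NOW))
    print("after moving a digit?         ", headers_are_valid(move_one_digit(expired), ambiguous_checksum, NOW))
    fixed = issue_headers("1234", 1_700_000_000, unambiguous_checksum)
    print("same trick, length-prefixed?  ", headers_are_valid(move_one_digit(fixed), unambiguous_checksum, NOW))
```

The forged headers also change the user id (1234 becomes 234), which is why a verifier should bind the MAC to an unambiguous encoding of every field rather than trusting that a parsed value "looks right". Any injective serialisation works (length prefixes as here, a fixed-width field, or a structured format such as JSON with a fixed key order); what matters is that two distinct field lists can never produce the same MAC input.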

Posted Jul 09, 2019 | SuSE

Scientific Linux: SLSA-2016:1422-1 Important: httpd Proxy Vulnerability

Security ERRATA Important: httpd on SL7.x x86_64

Date: Mon, 18 Jul 2016 21:06:48 -0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
From: Pat Riehecky
Subject: Security ERRATA Important: httpd on SL7.x x86_64
MIME-Version: 1.0
Message-ID:

Synopsis: Important: httpd security and bug fix update
Advisory ID: SLSA-2016:1422-1
Issue Date: 2016-07-18
CVE Numbers: CVE-2016-5387
--

Security Fix(es):

* It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request. (CVE-2016-5387)

Note: After this update, httpd will no longer pass the value of the Proxy request header to scripts via the HTTP_PROXY environment variable.

Bug Fix(es):

* In a caching proxy configuration, the mod_cache module would treat content as stale if the Expires header changed when refreshing a cached response. As a consequence, an origin server returning content without a fixed Expires header would not be treated as cacheable. The mod_cache module has been fixed to ignore changes in the Expires header when refreshing content. As a result, such content is now cacheable, improving performance and reducing load at the origin server.

* The HTTP status code 451 "Unavailable For Legal Reasons" was not usable in the httpd configuration. As a consequence, modules such as mod_rewrite could not be configured to return a 451 error if required for legal purposes. The 451 status code has been added to the list of available error codes, and modules can now be configured to return a 451 error if required.
--

SL7
  x86_64
    httpd-2.4.6-40.el7_2.4.x86_64.rpm
    httpd-debuginfo-2.4.6-40.el7_2.4.x86_64.rpm
    httpd-devel-2.4.6-40.el7_2.4.x86_64.rpm
    httpd-tools-2.4.6-40.el7_2.4.x86_64.rpm
    mod_ldap-2.4.6-40.el7_2.4.x86_64.rpm
    mod_proxy_html-2.4.6-40.el7_2.4.x86_64.rpm
    mod_session-2.4.6-40.el7_2.4.x86_64.rpm
    mod_ssl-2.4.6-40.el7_2.4.x86_64.rpm
  noarch
    httpd-manual-2.4.6-40.el7_2.4.noarch.rpm

- Scientific Linux Development Team

Patch for httpd on Scientific Linux 7 closing a remotely triggerable flaw (CVE-2016-5387) that let a client's Proxy header redirect the outbound requests of CGI scripts through an attacker-controlled proxy. Severity: Important. LinuxSecurity.com Team
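The security fix above describes a chain with two links, and each can be broken independently: the gateway exports every request header to the script as `HTTP_<NAME>`, so a header literally named `Proxy` arrives as `HTTP_PROXY`; and HTTP client libraries read `HTTP_PROXY` to choose an outbound proxy. The httpd update removes the first link. The Python below, an added example written for this page rather than httpd's code, models both links and both fixes; the second, client-side fix (ignore the upper-case variable when `REQUEST_METHOD` shows the process is a CGI script) is the approach CPython's urllib.request takes, and the attacker header value and proxy addresses are constructed.

```python
"""How a 'Proxy:' request header turns into HTTP_PROXY for a CGI script, and
two places to break the chain.

Added illustration, not httpd's code.
"""
from typing import Dict, Optional


def cgi_environment(request_headers: Dict[str, str], method: str = "GET",
                    drop_proxy_header: bool = False) -> Dict[str, str]:
    """Build the CGI meta-variables for one request the way a gateway does:
    each header becomes HTTP_<NAME> with '-' -> '_' and upper-casing.
    drop_proxy_header=True behaves like the patched httpd: 'Proxy' is never exported."""
    env = {"GATEWAY_INTERFACE": "CGI/1.1", "REQUEST_METHOD": method}
    for name, value in request_headers.items():
        if drop_proxy_header and name.lower() == "proxy":
            continue
        env["HTTP_" + name.upper().replace("-", "_")] = value
    return env


def outbound_proxy_naive(env: Dict[str, str]) -> Optional[str]:
    """The client-library behaviour the advisory calls 'incorrectly used':
    trust HTTP_PROXY regardless of where the process is running."""
    return env.get("HTTP_PROXY") or env.get("http_proxy")


def outbound_proxy_hardened(env: Dict[str, str]) -> Optional[str]:
    """Client-side mitigation: inside a CGI process (REQUEST_METHOD is set),
    ignore the upper-case HTTP_PROXY, the only spelling a request header can
    produce; the lower-case http_proxy set by the administrator stays honoured."""
    if "REQUEST_METHOD" in env:
        return env.get("http_proxy")
    return env.get("HTTP_PROXY") or env.get("http_proxy")


# Constructed request from a remote client carrying the malicious header.
MALICIOUS_HEADERS = {
    "Host": "www.example.test",
    "User-Agent": "example-client/1.0",
    "Proxy": "http://attacker.example.test:8080",
}

if __name__ == "__main__":
    env = cgi_environment(MALICIOUS_HEADERS)
    patched = cgi_environment(MALICIOUS_HEADERS, drop_proxy_header=True)
    print("unpatched httpd, naive client    :", outbound_proxy_naive(env))
    print("unpatched httpd, hardened client :", outbound_proxy_hardened(env))
    print("patched httpd, naive client      :", outbound_proxy_naive(patched))
```

Both fixes are worth having: the gateway fix protects every script behind this httpd, while the client fix protects a script that is deployed behind some other gateway that still exports the header. A legitimate, administrator-set lower-case `http_proxy` keeps working in both cases because no request header can produce a lower-case variable name.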

Posted Jul 18, 2016 | Important | Scientific Linux

Fedora 10: FEDORA-2009-12604 critical: httpd session flaws mitigated

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2009-12604
2009-12-04 22:40:20
--------------------------------------------------------------------------------

Name        : httpd
Product     : Fedora 10
Version     : 2.2.14
Release     : 1.fc10
URL         : https://httpd.apache.org/
Summary     : Apache HTTP Server
Description :
The Apache HTTP Server is a powerful, efficient, and extensible web server.
--------------------------------------------------------------------------------
Update Information:

This update contains the latest stable release of Apache httpd. Three security fixes are included, along with several minor bug fixes.

A flaw was found in the way the TLS/SSL (Transport Layer Security/Secure Sockets Layer) protocols handle session renegotiation. A man-in-the-middle attacker could use this flaw to prefix arbitrary plain text to a client's session (for example, an HTTPS connection to a website). This could force the server to process an attacker's request as if authenticated using the victim's credentials. This update partially mitigates this flaw for SSL sessions to HTTP servers using mod_ssl by rejecting client-requested renegotiation. (CVE-2009-3555)

Note: This update does not fully resolve the issue for HTTPS servers. An attack is still possible in configurations that require a server-initiated renegotiation.

A NULL pointer dereference flaw was found in the Apache mod_proxy_ftp module. A malicious FTP server to which requests are being proxied could use this flaw to crash an httpd child process via a malformed reply to the EPSV or PASV commands, resulting in a limited denial of service. (CVE-2009-3094)

A second flaw was found in the Apache mod_proxy_ftp module. In a reverse proxy configuration, a remote attacker could use this flaw to bypass intended access restrictions by creating a carefully-crafted HTTP Authorization header, allowing the attacker to send arbitrary commands to the FTP server. (CVE-2009-3095)

See the upstream changes file for further information:
--------------------------------------------------------------------------------
ChangeLog:

* Thu Dec 3 2009 Joe Orton - 2.2.14-1
- update to 2.2.14
- Requires(pre): httpd in mod_ssl subpackage (#543275)
- add partial security fix for CVE-2009-3555 (#533125)
- add condrestart in posttrans (#491567)
* Sun Aug 23 2009 Joe Orton - 2.2.13-1
- update to 2.2.13
- add delaycompress to logrotate config
* Mon Feb 9 2009 Joe Orton - 2.2.11-2
- update to 2.2.11 (#482960)
- Require apr-util-ldap (#471898)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #521619 - CVE-2009-3094 httpd: NULL pointer dereference in mod_proxy_ftp caused by crafted EPSV and PASV reply
      https://bugzilla.redhat.com/show_bug.cgi?id=521619
[ 2 ] Bug #522209 - CVE-2009-3095 httpd: mod_proxy_ftp FTP command injection via Authorization HTTP header
      https://bugzilla.redhat.com/show_bug.cgi?id=522209
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
  su -c 'yum update httpd'
at the command line. For more information, refer to "Managing Software with yum", available at .

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at
--------------------------------------------------------------------------------
Fedora-package-announce mailing list
https://lists.fedoraproject.org/archives/list/

Fedora 10 Apache httpd update carrying a partial mitigation for the TLS renegotiation flaw (CVE-2009-3555) and fixes for two mod_proxy_ftp issues (a crash on malformed EPSV/PASV replies and FTP command injection via the Authorization header). Severity: Critical. LinuxSecurity.com Team

Posted Dec 10, 2009 | Critical | Fedora
