[apache2] annotated tag debian/2.4.25-3+deb9u4 created (now c6c963c)

Stefan Fritsch sf at moszumanska.debian.org
Sat Mar 31 09:17:27 UTC 2018 

This is an automated email from the git hooks/post-receive script.

sf pushed a change to annotated tag debian/2.4.25-3+deb9u4
in repository apache2.

        at  c6c963c   (tag)
   tagging  1947e1afaa98287a1f9b2fe7fc4fcab615e18b80 (commit)
  replaces  debian/2.4.25-3+deb9u3
 tagged by  Stefan Fritsch
        on  Sat Mar 31 11:16:33 2018 +0200

- Log -----------------------------------------------------------------
tag 2.4.25-3+deb9u4
-----BEGIN PGP SIGNATURE-----

iQIzBAABCAAdFiEEOpiNza8JqByyYYsxxodfNUHO/eAFAlq/UfQACgkQxodfNUHO
/eAksBAAviIrIISDHY1ncxz9c45ck2rOjqi9L8uonwpim++hjx7eQ3PYsHmnnAjP
fH2NBMPKHs7TKEhRD+mGghADoSn0jC5pddRHb/uRHz8wcWn1Dm98cNGjknJ8+CE4
+O3BPEn13L+FF1bHB6GyZ2YpxYHrQNK8pCe+qkI5XrAV6Jx7SjisiJDvb+4nUtdT
iSSI94dMVuS54F6w18iLyfYJf8dVhGIvCOAp/xym//Fch27Di4f3gKrbcDq58w83
RDppeEHanCHiDtga3TCqfWkTDYwuLkaMRC5gEiN+LNww3XiZQuIbgcID40exkS6n
nlDVxwu4W3DJF7Hrx3z1li2qDaETwvdH+tS0CVGtvH0w2boam26BBeN59U3xIVeq
uEcG/yIgX9KHHM/uNHn9ueWd66cGwCoRjjL/enowyhku22JllzmqPEM9esBejx1x
bAWMXY9r2IN4LRoBMhp61xIW9+xorPCLxuannYKaic5KsQiLJTv4dDuLj5tWtPNP
w2aLYu6pMeAm6AYVfvIfFukc1tYeoRXXl7rKuNDMlxyStgmjSlv9KnaLZA/WX1lt
02oWU/AxXHJgKkXoH+OOT5XMJxwBmI6ohQVLyQ46N6v479t+4imbcmtHDTs4Hk1o
7AHBXeJGl4ox6vKgpNIdb8nw8VsW1Y+rOh5UqwDswWAHLzzXHOw=
=ZVYU
-----END PGP SIGNATURE-----

Stefan Fritsch (8):
      refresh line numbers in patch
      CVE-2017-15710: mod_authnz_ldap
      CVE-2017-15715: <FilesMatch> bypass with a trailing newline
      CVE-2018-1283: Tampering of mod_session data for CGI applications
      CVE-2018-1301: out of bound read after failure in reading HTTP request
      CVE-2018-1303: Possible out of bound read in mod_cache_socache
      CVE-2018-1312: mod_auth_digest: Weak Digest auth nonce generation
      release 2.4.25-3+deb9u4

-----------------------------------------------------------------------

This annotated tag includes the following new commits:

       new  5ce2d82   refresh line numbers in patch
       new  7ec3901   CVE-2017-15710: mod_authnz_ldap
       new  0f01b95   CVE-2017-15715: <FilesMatch> bypass with a trailing newline
       new  9f7b280   CVE-2018-1283: Tampering of mod_session data for CGI applications
       new  3542942   CVE-2018-1301: out of bound read after failure in reading HTTP request
       new  01e4c11   CVE-2018-1303: Possible out of bound read in mod_cache_socache
       new  5714ce3   CVE-2018-1312: mod_auth_digest: Weak Digest auth nonce generation
       new  1947e1a   release 2.4.25-3+deb9u4

The 8 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "adds" were already present in the repository and have only
been added to this reference.


-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-apache/apache2.git

More information about the Pkg-apache-commits mailing list