[ANNOUNCEMENT] Apache HTTP Server 2.3.6-alpha Released

           Apache HTTP Server 2.3.6-alpha Released

The Apache Software Foundation and the Apache HTTP Server Project are
pleased to announce the release of version 2.3.6-alpha of the Apache HTTP
Server ("Apache").  This version of Apache is principally an alpha release
to test new technology and features that are incompatible or too large for
the stable 2.2.x branch. This alpha release should not be presumed to
be compatible with binaries built against any prior or future version.


Apache HTTP Server 2.3.6-alpha is available for download from:

http://httpd.apache.org/download.cgi

Apache 2.3 offers numerous enhancements, improvements, and performance
boosts over the 2.2 codebase.  For an overview of new features
introduced since 2.3 please see:

http://httpd.apache.org/docs/trunk/new_features_2_4.html

Please see the CHANGES_2.3 file, linked from the download page, for a
full list of changes.

This release includes the Apache Portable Runtime (APR) version 1.4.2
and APR-Util version 1.3.9 in a separate -deps tarball.  The APR libraries
must be upgraded for all features of httpd to operate correctly.

This release builds on and extends the Apache 2.2 API.  Modules written
for Apache 2.2 will need to be recompiled in order to run with Apache
2.3, and require minimal or no source code changes.

http://svn.apache.org/repos/asf/httpd/httpd/trunk/VERSIONING



Read More

CVE-2010-2263

nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI. (CVSS:5.0) (Last Update:2010-06-18)

Read More

[advisory] httpd Timeout detection flaw (mod_proxy_http) CVE-2010-2068

Vulnerability; httpd Timeout detection flaw (mod_proxy_http) CVE-2010-2068

Classification; important

Description;

    A timeout detection flaw in the httpd mod_proxy_http module causes
    proxied response to be sent as the response to a different request,
    and potentially served to a different client, from the HTTP proxy
    pool worker pipeline.

    This may represent a confidential data revealing flaw.

    This affects only Netware, Windows or OS2 builds of httpd version
    2.2.9 through 2.2.15, 2.3.4-alpha and 2.3.5-alpha, when the proxy
    worker pools have been enabled.  Earlier 2.2, 2.0 and 1.3 releases
    were not affected.

Acknowledgements;

    We would like to thank Loren Anderson for the thorough research
    and reporting of this flaw.

Mitigation;

    Apply any one of the following mitigations to avert the possibility
    of confidential information disclosure.

    * Do not load mod_proxy_http.

    * Do not configure/enable any http proxy worker pools with ProxySet
      or ProxyPass optional arguments.

    * The straightforward workaround to disable mod_proxy_http's reuse
      of backend connection pipelines is to set the following global
      directive;

        SetEnv proxy-nokeepalive 1

    * Replace mod_proxy_http.so with a patched version, for source code
      see http://www.apache.org/dist/httpd/patches/apply_to_2.2.15/ or
      http://www.apache.org/dist/httpd/patches/apply_to_2.3.5/ and for
      binaries see the http://www.apache.org/dist/httpd/binaries/ tree
      for win32 or netware, as appropriate.

    * Upgrade to Apache httpd 2.2.16 or higher, once released.  There
      is no tentative release date scheduled.

Update Released; 11th June 2010



Read More

CVE-2009-4134

Buffer underflow in the rgbimg module in Python 2.5 allows remote attackers to cause a denial of service (application crash) via a large ZSIZE value in a black-and-white (aka B/W) RGB image that triggers an invalid pointer dereference. (CVSS:5.0) (Last Update:2011-03-01)

Read more

CVE-2010-1450

Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function. (CVSS:7.5) (Last Update:2011-03-01)

Read more

CVE-2010-2089

The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634. (CVSS:5.0) (Last Update:2013-05-14)

Read more

CVE-2010-1634

Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a buffer overflow. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3143.5. (CVSS:5.0) (Last Update:2013-05-14)

Read more

CVE-2010-1449

Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows remote attackers to have an unspecified impact via a large image that triggers a buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-3143.12. (CVSS:7.5) (Last Update:2011-03-01)

Read more

CVE-2010-1158

Integer overflow in the regular expression engine in Perl 5.8.x allows context-dependent attackers to cause a denial of service (stack consumption and application crash) by matching a crafted regular expression against a long string. (CVSS:5.0) (Last Update:2013-10-23)

Read more

Software and Security Information