GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Wed Jun 17, 2015 9:26 pm Post subject: [ GLSA 201504-03 ] Apache |
|
|
Gentoo Linux Security Advisory
Title: Apache: Multiple vulnerabilities (GLSA 201504-03)
Severity: normal
Exploitable: remote
Date: April 11, 2015
Updated: April 19, 2015
Bug(s): #535948
ID: 201504-03
Synopsis
Multiple vulnerabilities have been found in Apache HTTP Server, the
worst of which could lead to arbitrary code execution.
Background
Apache HTTP Server is one of the most popular web servers on the
Internet.
Affected Packages
Package: www-servers/apache
Vulnerable: < 2.2.29
Unaffected: >= 2.2.29
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in Apache HTTP Server.
Please review the CVE identifiers referenced below for details.
Impact
A remote attacker may be able to execute arbitrary code or cause a
Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All Apache users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=www-servers/apache-2.2.29"
|
References
CVE-2013-5704
CVE-2014-0118
CVE-2014-0226
CVE-2014-0231 |
|