[edge] apache2: Integer Overflow in Apache ap_pregsub via mod-setenvif (CVE-2011-3607)
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3607
Solution
- Patches:
Fixed in commit
http://svn.apache.org/viewvc?view=revision&revision=1198940
(CVE-2011-3607)
http://svn.apache.org/viewvc/httpd/httpd/trunk/server/util.c?r1=1198934&r2=1198940&pathrev=1198940&view=patch
Backported to 2.2.x:
http://svn.apache.org/viewvc?view=revision&revision=1227280
Related info:
http://www.halfdog.net/Security/2011/ApacheModSetEnvIfIntegerOverflow/
https://bugzilla.redhat.com/show\_bug.cgi?id=769844
(from redmine: issue id 970, created on 2012-01-31, closed on 2012-02-01)
- Relations:
- relates #971 (closed)
- relates #972 (closed)
- Changesets:
- Revision e2e255c0 by Natanael Copa on 2012-01-31T13:41:06Z:
main/apache2: security fix (CVE-2011-3607)
fixes #970