Advisories » MGASA-2018-0009

Updated apache packages fix security vulnerability

Publication date: 01 Jan 2018
Modification date: 01 Jan 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2017-9798

Description

Hanno Böck discovered that the Apache HTTP Server incorrectly handled Limit
directives in .htaccess files. In certain configurations, a remote attacker
could possibly use this issue to read arbitrary server memory, including
sensitive information. This issue is known as Optionsbleed (CVE-2017-9798).
                

References

SRPMS

6/core