Ubuntu security notices
USN-3937-2: Apache vulnerabilities
USN-3937-2: Apache vulnerabilities apache2 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 ESM Summary Several security issues were fixed in Apache. Software Description apache2 – Apache HTTP server Details USN-3937-1 and USN-3627-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Simon Kappel discovered that the Apache HTTP Server mod_auth_digest module incorrectly handled threads. A remote attacker with valid credentials could possibly use this issue to authenticate using another username, bypassing access control restrictions. (CVE-2019-0217) Alex Nichols and Jakob Hirsch discovered that the Apache HTTP Server mod_authnz_ldap module incorrectly handled missing charset encoding headers. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2017-15710) Robert Swiecki discovered that the Apache HTTP Server incorrectly handled [ more… ]