Slackware-12.1 ChangeLog (2011-09-04)

Sun Sep 4 02:17:37 UTC 2011

  • patches/packages/httpd-2.2.20-i486-1_slack12.1.tgz
    SECURITY: CVE-2011-3192 (cve.mitre.org)
    core: Fix handling of byte-range requests to use less memory, to avoid
    denial of service. If the sum of all ranges in a request is larger than
    the original file, ignore the ranges and send the complete file.
    PR 51714. [Stefan Fritsch, Jim Jagielski, Ruediger Pluem, Eric Covener]
    For more information, see:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
    (* Security fix *)
  • news/2011/09/04/slackware-12.1-changelog.txt
  • Last modified: 12 months ago
  • by Giuseppe Di Terlizzi