Slackwarearm-14.0 ChangeLog (2011-09-08)
Thu Sep 8 21:42:36 UTC 2011
Packages
Upgraded
- n/httpd-2.2.20-arm-1.tgz
SECURITY: CVE-2011-3192 (cve.mitre.org)
core: Fix handling of byte-range requests to use less memory, to avoid
denial of service. If the sum of all ranges in a request is larger than
the original file, ignore the ranges and send the complete file.
PR 51714. [Stefan Fritsch, Jim Jagielski, Ruediger Pluem, Eric Covener]
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192
(* Security fix *)