LD_LIBRARY_PATH issue in 2.2.22 and earlier

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



One of the PCI scanning companies is demanding an upgrade to 2.4.2 due to the issues described in this CVE:
Changes with Apache 2.2.23

  *) SECURITY: CVE-2012-0883 (cve.mitre.org)
     envvars: Fix insecure handling of LD_LIBRARY_PATH that could lead to the
     current working directory to be searched for DSOs. [Stefan Fritsch]
Is there any idea when 2.2.23 will be released? I'd rather not upgrade to 2.4.2

Apologies if this is the wrong list for this.

Best,

Luke Lozier

---

Bibliopolis, LLC
Berkeley | Pittsburgh






[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux