Linux Advisory Watch: July 9, 2021
Thank you for reading the LinuxSecurity Linux Advisory Watch newsletter!
This week, important updates have been issued for the Linux kernel, apache2 and file-roller.
We recommend that you visit our Advisories page frequently to see the latest security advisories that have been issued by your Linux distro(s). We also now offer the ability to personalize your LinuxSecurity.com User Profile to include the latest advisories for the distros you select.
On behalf of the LinuxSecurity.com administrative team, I would like to extend a warm welcome to our newly redesigned site!
Yours in Open Source,
Several vulnerabilities have been found in the Apache HTTP server including a MergeSlashes regression (CVE-2021-30641), a NULL pointer dereference on specially crafted HTTP/2 requests (CVE-2021-31618), a mod_proxy NULL pointer dereference (CVE-2020-13950), a single zero byte stack overflow in mod_auth_digest (CVE-2020-35452), a mod_session NULL pointer dereference in parser (CVE-2021-26690) and a heap overflow in mod_session (CVE-2021-26691).
These bugs could result in denial of service (DoS) and possible execution of arbitrary code.
We recommend that apache2 users upgrade their apache2 packages as soon as possible. In general, a standard system update will make all the necessary changes.
Your Related Advisories:
Register to Customize Your Advisories