UBUNTU 16.04 ELS: apache2 package with the fixes for CVE-2021-30641, CVE-2021-26691, CVE-2021-26690, CVE-2020-35452 released - TuxCare

UBUNTU 16.04 ELS: apache2 package with the fixes for CVE-2021-30641, CVE-2021-26691, CVE-2021-26690, CVE-2020-35452 released

TuxCare Team

June 22, 2021

changelog, CVE-2021-26690

A new updated apache2 package with the fixes for CVE-2021-30641, CVE-2021-26691, CVE-2021-26690, CVE-2020-35452 within Ubuntu 16.04 ELS is now available for download from our production repository.

CHANGELOG

apache2-2.4.18-2ubuntu3.18

  • Fix unexpected URL matching with ‘MergeSlashes OFF’ (CVE-2021-30641)
  • Fix heap overflow in mod_session (CVE-2021-26691)
  • Fix NULL pointer dereference in mod_session (CVE-2021-26690)
  • Fix mod_auth_digest possible stack overflow by one null byte (CVE-2020-35452)

UPDATE COMMAND

apt-get update
apt-get --only-upgrade install apache2*

Stay in the Loop

Resources

State of Enterprise Linux Cybersecurity ... Read More State of Enterprise Linux Cybersecurity ...
Dangerous remotely exploitable vulnerability ... Read More Dangerous remotely exploitable vulnerability ...
Securing confidential research data ... Read More Securing confidential research data ...
State of Enterprise Vulnerability Detection ... Read More State of Enterprise Vulnerability Detection ...
Demand for Rapid Risk Elimination for ... Read More Demand for Rapid Risk Elimination for ...
TuxCare Free Raspberry Pi Patching Read More TuxCare Free Raspberry Pi Patching