FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
eb888ce5-1f19-11e9-be05-4c72b94353b5Apache -- vulnerability

The Apache httpd Project reports:

SECURITY: CVE-2018-17199 mod_session: mod_session_cookie does not respect expiry time allowing sessions to be reused.

SECURITY: CVE-2019-0190 mod_ssl: Fix infinite loop triggered by a client-initiated renegotiation in TLSv1.2 (or earlier) with OpenSSL 1.1.1 and later. PR 63052.

SECURITY: CVE-2018-17189 mod_http2: fixes a DoS attack vector. By sending slow request bodies to resources not consuming them, httpd cleanup code occupies a server thread unnecessarily. This was changed to an immediate stream reset which discards all stream state and incoming data.


Discovery 2019-01-22
Entry 2019-01-23
apache24
< 2.4.38

http://www.apache.org/dist/httpd/CHANGES_2.4.38
http://httpd.apache.org/security/vulnerabilities_24.html
CVE-2018-17199
CVE-2018-17189
CVE-2019-0190