UbuntuUpdates.org

Package "libapache2-mod-perl2"

Name: libapache2-mod-perl2

Description:

Integration of perl with the Apache2 web server
Latest version: 2.0.8+httpd24-r1449661-6ubuntu2.1
Release: trusty (14.04)
Level: updates
Repository: main
Homepage: http://perl.apache.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "libapache2-mod-perl2"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "libapache2-mod-perl2" in Trusty

Repository Area Version
base main 2.0.8+httpd24-r1449661-6ubuntu2
security main 2.0.8+httpd24-r1449661-6ubuntu2.1

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2.0.8+httpd24-r1449661-6ubuntu2.1 2018-11-21 18:06:19 UTC

  libapache2-mod-perl2 (2.0.8+httpd24-r1449661-6ubuntu2.1) trusty-security; urgency=medium

  * SECURITY UPDATE: arbitrary perl code execution via .htaccess file
    - debian/patches/CVE-2011-2767.patch: only allow perl and pod sections
      in server configuration and not per directory in
      src/modules/perl/mod_perl.c.
    - CVE-2011-2767
  * Fix FTBFS caused by test failures due to Apache security updates.
    - debian/patches/370_http_syntax.patch
    - debian/patches/380_inject_header_line_terminators.patch

 -- Marc Deslauriers <email address hidden> Thu, 15 Nov 2018 08:54:50 -0500
CVE-2011-2767 mod_perl 2.0 through 2.0.10 allows attackers to execute arbitrary Perl code by placing it in a user-owned .htaccess file, because (contrary to the do


About   -   Send Feedback to @ubuntu_updates