FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

apache22 -- several vulnerabilities

Affected packages
2.2.0 < apache22 < 2.2.23
2.2.0 < apache22-event-mpm < 2.2.23
2.2.0 < apache22-itk-mpm < 2.2.23
2.2.0 < apache22-peruser-mpm < 2.2.23
2.2.0 < apache22-worker-mpm < 2.2.23

Details

VuXML ID 65539c54-2517-11e2-b9d6-20cf30e32f6d
Discovery 2012-09-13
Entry 2012-11-02

Apache HTTP SERVER PROJECT reports:

low: XSS in mod_negotiation when untrusted uploads are supported CVE-2012-2687

Possible XSS for sites which use mod_negotiation and allow untrusted uploads to locations which have MultiViews enabled.

low: insecure LD_LIBRARY_PATH handling CVE-2012-0883

This issue was already fixed in port version 2.2.22_5

References

CVE Name CVE-2012-0833
CVE Name CVE-2012-2687