FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Apache -- Multiple vulnerabilities

Affected packages
apache24 < 2.4.43

Details

VuXML ID b360b120-74b1-11ea-a84a-4c72b94353b5
Discovery 2020-04-01
Entry 2020-04-02

Apache Team reports:

SECURITY: CVE-2020-1934

mod_proxy_ftp: Use of uninitialized value with malicious backend FTP server.

SECURITY: CVE-2020-1927

rewrite, core: Set PCRE_DOTALL flag by default to avoid unpredictable matches and substitutions with encoded line break characters. The fix for CVE-2019-10098 was not effective.

References

CVE Name CVE-2020-1927
CVE Name CVE-2020-1934
URL https://downloads.apache.org/httpd/CHANGES_2.4.43