March 31, 2018 Anton Farygin 1:2.4.33-alt1
- 2.4.33
- fixes:
* CVE-2018-1303 low: Possible out of bound read in mod_cache_socache
* CVE-2018-1302 low: Possible write of after free on HTTP/2 stream shutdown
* CVE-2018-1301 low: Possible out of bound access after failure in reading the HTTP request
* CVE-2018-1312 low: Weak Digest auth nonce generation in mod_auth_digest
* CVE-2017-15715 low: <FilesMatch> bypass with a trailing newline in the file name
* CVE-2017-15710 low: Out of bound write in mod_authnz_ldap when using too small Accept-Language values
* CVE-2018-1283 medium: Tampering of mod_session data for CGI applications