-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2022-cf658a432f 2022-09-13 01:29:12.232105 --------------------------------------------------------------------------------
Name : libapreq2 Product : Fedora 35 Version : 2.17 Release : 1.fc35 URL : http://httpd.apache.org/apreq/ Summary : Apache HTTP request library Description : libapreq is a shared library with associated modules for manipulating client request data via the Apache API. Functionality includes parsing of application/x-www-form-urlencoded and multipart/form-data content, as well as HTTP cookies.
-------------------------------------------------------------------------------- Update Information:
Fix CVE-2022-22728. -------------------------------------------------------------------------------- ChangeLog:
* Sat Sep 3 2022 Bojan Smojver bojan@rexursive.com - 2.17-1 - Bump up to 2.17 - CVE-2022-22728 * Thu Jul 21 2022 Fedora Release Engineering releng@fedoraproject.org - 2.16-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild * Wed Jun 1 2022 Jitka Plesnikova jplesnik@redhat.com - 2.16-5 - Perl 5.36 rebuild * Thu Jan 20 2022 Fedora Release Engineering releng@fedoraproject.org - 2.16-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild -------------------------------------------------------------------------------- References:
[ 1 ] Bug #2123769 - CVE-2022-22728 libapreq2: multipart form parse memory corruption [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=2123769 [ 2 ] Bug #2123770 - CVE-2022-22728 libapreq2: multipart form parse memory corruption [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2123770 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-cf658a432f' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------