-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4192-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk May 29, 2025 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : modsecurity-apache Version : 2.9.3-3+deb11u3 CVE ID : CVE-2025-47497 Debian Bug : 1106286 DoS with sanitiseMatchedBytes has been fixed in modsecurity-apache, a module for the Apache webserver to tighten Web application security. For Debian 11 bullseye, this problem has been fixed in version 2.9.3-3+deb11u3. We recommend that you upgrade your modsecurity-apache packages. For the detailed security status of modsecurity-apache please refer to its security tracker page at: https://security-tracker.debian.org/tracker/modsecurity-apache Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmg4yrUACgkQiNJCh6LY mLErBBAAqYep49NLC8g7c68E9yjItiNFEkCWWDORO8txRqLx2IN3XjMzkgd9xJ+h TY/AhWD0iiGbMHNh8eVtCi3i1O/yHLcRDqL8l00iQxFG2Z08CbKsgRTAf0gbUKZO O9aPWCoasK4duBctHT1Yl25VvziZlCs8MDQIjmLQs+fOSa1LpbjCJQewxMUkJ4mC RB5SwvrgRMjJWDZshO9+xx023+zEkCzJzQa0z2i7VRM+kMOwZDIXf0pdYyq3Veon UKwSFm9XvHEb2yL2uYkUmZ7DXdr+FoQSpLbsAxI2IYivOIFmzPO6GPzvQ2Xtz8QQ /bu4P6sQL3NEodDF+rhCVaTOvwbLbXKIxO0hUhlJsUr1480k/NRDQwllGRen582H rcFu3ZJwFMApuEw4TEu70iAMbotu3R21vVWcPqtHWdE4KrC5l2Xrr9mDuG+oEUFg ZIdw9nuzq4Uw0d4kV30yfqmYfZKtwE7KtG8OuQZ0Dq3HaJpRIWyAFgZwRIQphXKV TvOcUMdbyTsdJlzftuPmbEZs8pFQvJfcujh+mKdXHywkWvxe3aUr6O6kLoNSaYrM XqssD1XF5pW0c0iVdqxW9CpyXdpQkE1kjopoTuAPYLLQ4+t6PydoyLLq3hzSw9v9 RkUZZ4fun5Q4DOBjJ5FYU4eM42R8aFVVfU0/nuyw2gcQKHSw3Co= =dddV -----END PGP SIGNATURE-----
