And that, of course, is based off of completely the wrong version. I'm
not even sure where I got that from.
Here's a patch that's actually for the Lucid packaging. (Testing still
forthcoming)
** Also affects: libapache-mod-security (Ubuntu)
Importance: Undecided
Status: New
** Patch added: "libapache-mod-security_2.5.11-1ubuntu0.1.debdiff"
https://bugs.launchpad.net/ubuntu/+source/libapache-mod-security/+bug/1169030/+attachment/3644987/+files/libapache-mod-security_2.5.11-1ubuntu0.1.debdiff
** Changed in: libapache-mod-security (Ubuntu)
Status: New => In Progress
** Changed in: modsecurity-apache (Ubuntu)
Status: In Progress => Triaged
** Changed in: modsecurity-apache (Ubuntu)
Assignee: Evan Broder (broder) => (unassigned)
** Changed in: libapache-mod-security (Ubuntu)
Assignee: (unassigned) => Evan Broder (broder)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1169030
Title:
CVE 2013-1915: local files disclosure or resource exhaustion via XML
External Entity attack
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/libapache-mod-security/+bug/1169030/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
