[Bug 2064509] Re: Fossil regression due CVE-2024-24795

2024-05-09 Thread Ian Constantin
Xenial and Bionic also addressed through ESM: Ubuntu 18.04 LTS fossil 1:2.5-1ubuntu0.1~ Ubuntu 16.04 LTS fossil 1:1.33-3ubuntu0.1~esm1 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2064

[Bug 2064509] Re: Fossil regression due CVE-2024-24795

2024-05-09 Thread Ian Constantin
USN for reference: https://ubuntu.com/security/notices/USN-6770-1 ** Changed in: fossil (Ubuntu Bionic) Status: New => Fix Released ** Changed in: fossil (Ubuntu Xenial) Status: New => Fix Released ** Changed in: fossil (Ubuntu) Status: New => Fix Released

[Bug 2064509] Re: Fossil regression due CVE-2024-24795

2024-05-09 Thread Launchpad Bug Tracker
This bug was fixed in the package fossil - 1:2.23-1ubuntu0.1 --- fossil (1:2.23-1ubuntu0.1) noble-security; urgency=medium * SECURITY REGRESSION: break due to apache2 security update (LP: #2064509) - debian/patches/missing-content-length-fix-*.patch: Update HTTP reply pars

[Bug 2064509] Re: Fossil regression due CVE-2024-24795

2024-05-09 Thread Launchpad Bug Tracker
This bug was fixed in the package fossil - 1:2.18-1ubuntu0.1 --- fossil (1:2.18-1ubuntu0.1) jammy-security; urgency=medium * SECURITY REGRESSION: break due to apache2 security update (LP: #2064509) - debian/patches/missing-content-length-fix-*.patch: Update HTTP reply pars

[Bug 2064509] Re: Fossil regression due CVE-2024-24795

2024-05-09 Thread Launchpad Bug Tracker
This bug was fixed in the package fossil - 1:2.10-1ubuntu0.1 --- fossil (1:2.10-1ubuntu0.1) focal-security; urgency=medium * SECURITY REGRESSION: break due to apache2 security update (LP: #2064509) - debian/patches/missing-content-length-fix-*.patch: Update HTTP reply pars

[Bug 2064509] Re: Fossil regression due CVE-2024-24795

2024-05-09 Thread Launchpad Bug Tracker
This bug was fixed in the package fossil - 1:2.22-1ubuntu0.1 --- fossil (1:2.22-1ubuntu0.1) mantic-security; urgency=medium * SECURITY REGRESSION: break due to apache2 security update (LP: #2064509) - debian/patches/missing-content-length-fix-*.patch: Update HTTP reply par

[Bug 2064509] Re: Fossil regression due CVE-2024-24795

2024-05-08 Thread Ian Constantin
Fix commit: https://fossil-scm.org/home/info/a8e33fb161f45b65 (For this issue, a subset of the changes to src/http.c are the fix) Followed by: https://fossil-scm.org/home/info/71919ad1b542832c and https://fossil-scm.org/home/info/f4ffefe708793b03

[Bug 2064509] Re: Fossil regression due CVE-2024-24795

2024-05-08 Thread Ian Constantin
Workaround note: Fossil CGI documentation adds config option to restore legacy behavior in Apache: https://fossil-scm.org/home/doc/trunk/www/server/any/cgi.md ** Also affects: fossil (Ubuntu Mantic) Importance: Undecided Status: New ** Also affects: fossil (Ubuntu Noble) Importance:

[Bug 2064509] Re: Fossil regression due CVE-2024-24795

2024-05-04 Thread Bug Watch Updater
** Changed in: fossil (Debian) Status: Unknown => Fix Released

[Bug 2064509] Re: Fossil regression due CVE-2024-24795

2024-05-04 Thread Hans Joachim Desserud
FWIW it looks like Debian has handled this issue (see the attached bug watch). ** Bug watch added: Debian Bug tracker #1070069 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070069 ** Also affects: fossil (Debian) via https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070069 Importan