Multiple vulnerabilities have been found in Apache HTTP Server, the worst of which could lead to arbitrary code execution.
Package | www-servers/apache on all architectures |
---|---|
Affected versions | < 2.2.29 |
Unaffected versions | >= 2.2.29 |
Apache HTTP Server is one of the most popular web servers on the Internet.
Multiple vulnerabilities have been discovered in Apache HTTP Server. Please review the CVE identifiers referenced below for details.
A remote attacker may be able to execute arbitrary code or cause a Denial of Service condition.
There is no known workaround at this time.
All Apache users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-servers/apache-2.2.29"
Release date
April 11, 2015
Latest revision
April 19, 2015: 2
Severity
normal
Exploitable
remote
Bugzilla entries