system environment/daemons

Jump to letter: [ ABCDEFGHIJLMNOPRSTUVX ]

mod_brotli - Compress content via Brotli before it is delivered to the client

Website: http://httpd.apache.org/
License: ASL 2.0
Vendor: AnNyung Packaging Team
Description:
The mod_brotli module provides the BROTLI_COMPRESS output filter that
allows output from your server to be compressed using the brotli
compression format before being sent to the client over the network.

Packages

mod_brotli-2.4.57-1.an3.x86_64 [31 KiB] Changelog by JoungKyun.Kim (2023-08-26): 
- update 2.4.57
  see also https://downloads.apache.org/httpd/CHANGES_2.4.57
- security issues
  . CVE-2023-27522: mod_proxy_uwsgi HTTP response splitting
  . CVE-2023-25690: mod_rewrite, mod_proxy HTTP request splitting
mod_brotli-2.4.55-1.an3.x86_64 [30 KiB] Changelog by JoungKyun.Kim (2023-02-08): 
- update 2.4.55
  see also https://downloads.apache.org/httpd/CHANGES_2.4.55
- security issues
  . CVE-2022-37436: mod_proxy allows a backend to trigger HTTP response splitting
  . CVE-2022-36760: mod_proxy_ajp Possible request smuggling
  . CVE-2006-20001: mod_dav out of  bounds read, or write of zero byte
mod_brotli-2.4.54-1.an3.x86_64 [30 KiB] Changelog by JoungKyun.Kim (2022-08-27): 
- update 2.4.54
  see also https://downloads.apache.org/httpd/CHANGES_2.4.54
- security issues
  . CVE-2022-31813: mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism
  . CVE-2022-30556: Information Disclosure in mod_lua with websockets
  . CVE-2022-30522: mod_sed denial of service
  . CVE-2022-29404: Denial of service in mod_lua r:parsebody
  . CVE-2022-28615: Read beyond bounds in ap_strcmp_match()
  . CVE-2022-28614: read beyond bounds via ap_rwrite()
  . CVE-2022-28330: read beyond bounds in mod_isapi
  . CVE-2022-26377: mod_proxy_ajp: Possible request smuggling
mod_brotli-2.4.53-1.an3.x86_64 [29 KiB] Changelog by JoungKyun.Kim (2022-03-25): 
- update 2.4.53
  see also https://downloads.apache.org/httpd/CHANGES_2.4.53
- security issues
  . CVE-2022-22719 lua: uninitialized value of in r:parsebody
  . CVE-2022-22720 HTTP request smuggling vulnerability
  . CVE-2022-22721 core: Possible buffer overflow with very large or unlimited LimitXMLRequestBody
  . CVE-2022-23943 sed: Read/write beyond bounds
mod_brotli-2.4.52-1.an3.x86_64 [29 KiB] Changelog by JoungKyun.Kim (2021-12-29): 
- update 2.5.52
  see also https://downloads.apache.org/httpd/CHANGES_2.4.52
- security issues
  . CVE-2021-44790 lua: Possible buffer overflow when parsing multipart content
  . CVE-2021-44224 proxy: Possible NULL dereference or SSRF in forward proxy configurations
mod_brotli-2.4.51-1.an3.x86_64 [29 KiB] Changelog by JoungKyun.Kim (2021-10-13): 
- update 2.4.51
  see also https://downloads.apache.org/httpd/CHANGES_2.4.50
  see also https://downloads.apache.org/httpd/CHANGES_2.4.51
- security isseus
  . CVE-2021-42013 core: Path traversal and file disclosure vulnerability
  . CVE-2021-41773 core: Path traversal and file disclosure vulnerability
  . CVE-2021-41524 core: null pointer dereference in h2 fuzzing
mod_brotli-2.4.49-1.an3.x86_64 [28 KiB] Changelog by JoungKyun.Kim (2021-10-03): 
- update 2.4.49
  see also https://downloads.apache.org/httpd/CHANGES_2.4.49
- security issues
  . CVE-2021-34798 core: null pointer dereference on malformed request
  . CVE-2021-39275 core: ap_escape_quotes buffer overflow
  . CVE-2021-33193 mod_http2: Request splitting vulnerability with mod_proxy
  . CVE-2021-40438 mod_proxy: Server Side Request Forgery (SSRF) vulnerabilty
  . CVE-2021-36160 mod_proxy_uwsgi: Out of bound read vulnerability
mod_brotli-2.4.48-1.an3.x86_64 [28 KiB] Changelog by JoungKyun.Kim (2021-07-22): 
- update 2.4.48
  see also https://downloads.apache.org/httpd/CHANGES_2.4.46
- security issues
  . CVE-2021-31618
  . CVE-2021-30641
  . CVE-2020-35452
  . CVE-2021-26691
  . CVE-2021-26690
  . CVE-2020-13950
  . CVE-2020-13938
  . CVE-2019-17567
mod_brotli-2.4.46-1.an3.x86_64 [28 KiB] Changelog by JoungKyun.Kim (2020-08-17): 
- update 2.4.46
  see also https://downloads.apache.org/httpd/CHANGES_2.4.44
  see also https://downloads.apache.org/httpd/CHANGES_2.4.45
  see also https://downloads.apache.org/httpd/CHANGES_2.4.46
- security issues
  . CVE-2020-11984
  . CVE-2020-11993
mod_brotli-2.4.43-1.an3.x86_64 [27 KiB] Changelog by JoungKyun.Kim (2020-04-06): 
- update 2.4.43
  see also https://downloads.apache.org/httpd/CHANGES_2.4.43
- security issues
  . CVE-2020-1934
  . CVE-2020-1927
mod_brotli-2.4.41-1.an3.x86_64 [27 KiB] Changelog by JoungKyun.Kim (2019-08-24): 
- update 2.4.41
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.41
- security issues
  . CVE-2019-10081 mod_http2
  . CVE-2019-9517  mod_http2
  . CVE-2019-10098 rewrite
  . CVE-2019-10092
  . CVE-2019-10097 mod_remoteip
  . CVE-2019-10082 mod_http2
mod_brotli-2.4.39-1.an3.x86_64 [26 KiB] Changelog by JoungKyun.Kim (2019-05-13): 
- update 2.4.39
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.36
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.37
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.38
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.39
- support TLS 1.3
- security issues
  . CVE-2019-0197 mod_http2
  . CVE-2019-0196 mod_http2
  . CVE-2019-0211 MPM
  . CVE-2019-0217 mod_auth_digest
  . CVE-2019-0215 mod_ssl
  . CVE-2019-0190 mod_ssl
  . CVE-2019-0220 Merge consecutive slashes in URL's. Opt-out with `MergeSlashes OFF`
  . CVE-2018-17199 mod_session_cookie
  . CVE-2018-17189 mod_http2
mod_brotli-2.4.37-1.an3.x86_64 [26 KiB] Changelog by JoungKyun.Kim (2018-12-10): 
- update 2.4.37
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.37
mod_brotli-2.4.35-1.an3.x86_64 [26 KiB] Changelog by JoungKyun.Kim (2018-10-13): 
- update 2.4.35
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.35
mod_brotli-2.4.34-1.an3.x86_64 [26 KiB] Changelog by JoungKyun.Kim (2018-08-19): 
- update 2.4.34
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.34
- security issues
  . CVE-2018-8011 mod_md
    DoS via Coredumps on specially crafted requests
  . CVE-2018-1333 mod_http2
    DoS for HTTP/2 connections by specially crafted requests
mod_brotli-2.4.33-1.an3.x86_64 [25 KiB] Changelog by JoungKyun.Kim (2018-04-08): 
- update 2.4.33
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.33
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.32
  see also http://www.apache.org/dist/httpd/CHANGES_2.4.29
- add mod_md module
- security issues
  . CVE-2017-15710 mod_authnz_ldap:
    Out of bound write with AuthLDAPCharsetConfig enabled
  . CVE-2017-15715 core:
    Configure the regular expression engine to match '$' to the end of
    the input string only, excluding matching the end of any embedded 
    newline characters. Behavior can be changed with new directive 
    'RegexDefaultOptions'.
  . CVE-2018-1283 mod_session:
    CGI-like applications that intend to read from mod_session's 
    'SessionEnv ON' could be fooled into reading user-supplied data instead.
  . CVE-2018-1301 core:
    Possible crash with excessively long HTTP request headers. 
    Impractical to exploit with a production build and production LogLevel.
  . CVE-2018-1302 mod_http2: Potential crash w/ mod_http2
  . CVE-2018-1303 mod_cache_socache:
    Fix request headers parsing to avoid a possible crash
    with specially crafted input data.
  . CVE-2018-1312 mod_auth_digest:
    Fix generation of nonce values to prevent replay
    attacks across servers using a common Digest domain. This change
    may cause problems if used with round robin load balancers.

Listing created by Repoview-0.6.6-4.el7