CVE-2013-5704

Priority
Low
Description
The mod_headers module in the Apache HTTP Server 2.2.22 allows remote
attackers to bypass "RequestHeader unset" directives by placing a header in
the trailer portion of data sent with chunked transfer coding. NOTE: the
vendor states "this is not a security issue in httpd as such."
References
Bugs
Notes
mdeslaur> as of 2014-07-21, no upstream fix
Package
Upstream:needed
Ubuntu 10.04 LTS (Lucid Lynx):deferred (2014-07-21)
Ubuntu 12.04 LTS (Precise Pangolin):deferred (2014-07-21)
Ubuntu 14.04 LTS (Trusty Tahr):deferred (2014-07-21)
Ubuntu 14.10 (Utopic Unicorn):deferred (2014-07-21)
More Information

Valid XHTML 1.0 Strict

Updated: 2014-07-21 20:14:08 UTC (commit 8261)