MGASA-2025-0322
- Source
- https://advisories.mageia.org/MGASA-2025-0322.html
- Import Source
- https://advisories.mageia.org/MGASA-2025-0322.json
- JSON Data
- https://api.osv.dev/v1/vulns/MGASA-2025-0322
- Related
- Published
- 2025-12-08T18:36:27Z
- Modified
- 2025-12-08T18:40:38.505692Z
- Summary
- Updated apache packages fix security vulnerabilities
- Details
-
Apache HTTP Server: modmd (ACME), unintended retry intervals. (CVE-2025-55753) Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and modcgid (but not modcgi) passes the shell-escaped query string to #exec cmd="..." directives. (CVE-2025-58098) Apache HTTP Server: CGI environment variable override. (CVE-2025-65082) Apache HTTP Server: moduserdir+suexec bypass via AllowOverride FileInfo. (CVE-2025-66200)
- References
-
- https://advisories.mageia.org/MGASA-2025-0322.html
- https://bugs.mageia.org/show_bug.cgi?id=34803
- https://www.openwall.com/lists/oss-security/2025/12/04/4
- https://www.openwall.com/lists/oss-security/2025/12/04/5
- https://www.openwall.com/lists/oss-security/2025/12/04/7
- https://www.openwall.com/lists/oss-security/2025/12/04/8
- Credits
-
-
- Mageia - COORDINATOR
-
Affected packages
Mageia:9 / apache
Package
- Name
- apache
- Purl
- pkg:rpm/mageia/apache?arch=source&distro=mageia-9