{"id":"MGASA-2013-0231","summary":"Updated apache packages fix security vulnerabilities","details":"Updated apache packages fix security vulnerabilities:\n\nmod_dav.c in the Apache HTTP Server before 2.4.6 does not properly\ndetermine whether DAV is enabled for a URI, which allows remote\nattackers to cause a denial of service (segmentation fault) via a\nMERGE request in which the URI is configured for handling by the\nmod_dav_svn module, but a certain href attribute in XML data refers\nto a non-DAV URI (CVE-2013-1896).\n\nAn unspecified error in Apache HTTP Server within the mod_session_dbd\nmodule related to the handling of the dirty flag during saving of the\nsessions has an unknown impact and remote attack vector (CVE-2013-2249).\n\nAlso, a minor issue causing httpd to not be restarted when installing\nor upgrading certain web applications, as well as an issue with the\nweb application configuration files when upgrading from Mageia 2, both\ndue to the moving of web applications configuration files to the\n/etc/httpd/conf/sites.d directory in Mageia 3, have been corrected.\n","modified":"2026-02-04T02:38:12.872804Z","published":"2013-07-26T11:36:22Z","related":["CVE-2013-1896","CVE-2013-2249"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2013-0231.html"},{"type":"REPORT","url":"http://www.apache.org/dist/httpd/CHANGES_2.4"},{"type":"REPORT","url":"http://xforce.iss.net/xforce/xfdb/85871"},{"type":"REPORT","url":"http://www.mandriva.com/en/support/security/advisories/mbs1/MDVSA-2013:193/"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=10178"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=10275"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=10756"}],"affected":[{"package":{"name":"apache","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/apache?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.4.4-7.4.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2013-0231.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}