{"id":"MGASA-2014-0180","summary":"Updated apache-mod_security packages fix security vulnerability","details":"Updated apache-mod_security packages fix security vulnerability:\n\nMartin Holst Swende discovered a flaw in the way mod_security handled\nchunked requests. A remote attacker could use this flaw to bypass \nintended mod_security restrictions, allowing them to send requests\ncontaining content that should have been removed by mod_security\n(CVE-2013-5705).\n","modified":"2026-04-16T06:24:33.374327940Z","published":"2014-04-17T20:26:15Z","upstream":["CVE-2013-5705"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0180.html"},{"type":"WEB","url":"https://lists.fedoraproject.org/pipermail/package-announce/2014-April/131375.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=13215"}],"affected":[{"package":{"name":"apache-mod_security","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/apache-mod_security?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.7.4-1.1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0180.json"}},{"package":{"name":"apache-mod_security","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/apache-mod_security?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.7.5-2.1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0180.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}