CVE-2021-3639

Published: 04 August 2021

Prevent redirect to URLs that begin with ///

Priority

Medium

Status

Package Release Status
libapache2-mod-auth-mellon
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 21.10 (Impish Indri)
Released (0.17.0-1ubuntu1)
Ubuntu 21.04 (Hirsute Hippo)
Released (0.17.0-1ubuntu0.21.04.1)
Ubuntu 20.04 LTS (Focal Fossa)
Released (0.16.0-1ubuntu0.1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (0.13.1-1ubuntu0.3)
Ubuntu 16.04 ESM (Xenial Xerus) Ignored
(out of standard support)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Patches:
Upstream: https://github.com/latchset/mod_auth_mellon/commit/42a11261b9dad2e48d70bdff7c53dd57a12db6f5