CVE-2021-26691: heap overflow
CVE-2021-39275: out-of-bounds-write
CVE-2021-44790: buffer overflow
Advance to version 2.4.6-97.el7.centos.
=== testing
boot iso and log in; become root; httpd is not running
systemctl stop lighttpd # free up port 80
systemctl start httpd # takes a while
echo arf > /var/www/html/arf.txt # something to fetch
wget http://localhost/arf.txt
cat arf.txt
This shows httpd is processing requests.
===
Closes-bug: 1960765
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Change-Id: Idcff71fe505a187e7bcfaea7a8818233a4ef76ac