Anonymous | Login | 2024-05-08 04:44 CEST |
Main | My View | View Issues |
Viewing Issue Advanced Details [ Jump to Notes ] | [ View Simple ] [ Issue History ] [ Print ] | ||||||
ID | Category | Severity | Reproducibility | Date Submitted | Last Update | ||
0005284 | [apache2] upgrade | minor | always | 2016-09-26 17:19 | 2017-10-29 12:28 | ||
Reporter | briandking | View Status | public | ||||
Assigned To | dam | ||||||
Priority | normal | Resolution | fixed | Platform | |||
Status | closed | OS | |||||
Projection | none | OS Version | |||||
ETA | none | Product Build | |||||
Summary | 0005284: Security Fix for "httpoxy" CVE-2016-5387 | ||||||
Description |
Apache should be at version 2.2.32 to fix the latest known security issues documented here: https://httpd.apache.org/security/vulnerabilities_22.html [^] In particular, 2.2.31 (currently the latest available on OpenCSW) is vulnerable to "httpoxy" CVE-2016-5387: https://www.apache.org/security/asf-httpoxy-response.txt [^] |
||||||
Steps To Reproduce | |||||||
Additional Information | |||||||
Tags | No tags attached. | ||||||
Attached Files | |||||||
|
Notes | |
(0011195) jh (developer) 2016-10-04 14:22 |
there is no 2.2.32 release yet. Will update as soon as it is released |
(0011238) briandking (reporter) 2017-02-10 14:35 |
2.2.32 was released 2017-01-13 It is available here: https://httpd.apache.org/download.cgi#apache22 [^] |
(0011239) dam (administrator) 2017-02-10 16:56 |
Apache 2.2.32,REV=2017.02.10 has been pushed to unstable/. Thanks for the reminder -- Dago |
Copyright © 2000 - 2008 Mantis Group |