|
Mantis - apache2
|
|||||
| Viewing Issue Advanced Details | |||||
|
|
|||||
| ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
| 5174 | upgrade | minor | have not tried | 2014-05-26 15:17 | 2016-09-27 13:34 |
|
|
|||||
| Reporter: | briandking | Platform: | |||
| Assigned To: | dam | OS: | |||
| Priority: | normal | OS Version: | |||
| Status: | closed | Product Version: | |||
| Product Build: | Resolution: | fixed | |||
| Projection: | none | ||||
| ETA: | none | Fixed in Version: | |||
|
|
|||||
| Summary: | 0005174: Update mod_ssl to be based on openssl 1.0.1g for heartbleed bug | ||||
| Description: |
Mod_ssl packaged with the current CSWapache2 appears to be based on a version of openssl that was vulnerable to the heartbleed bug: bash-3.2# strings /opt/csw/apache2/libexec/mod_ssl.so | grep -i openssl ... OpenSSL 1.0.1f 6 Jan 2014 A newer version of the apache 2.2 line is released as well, which contains a couple of security fixed. CSWapache2 is currently at 2.2.26 and the current apache release is 2.2.27: http://www.apache.org/dist/httpd/Announcement2.2.html [^] |
||||
| Steps To Reproduce: | |||||
| Additional Information: | |||||
| Relationships | |||||
| Attached Files: | |||||
|
|
|||||
| Issue History | |||||
| Date Modified | Username | Field | Change | ||
| 2014-05-26 15:17 | briandking | New Issue | |||
| 2014-06-02 09:13 | dam | Status | new => assigned | ||
| 2014-06-02 09:13 | dam | Assigned To | => dam | ||
| 2014-06-02 09:20 | dam | Note Added: 0010844 | |||
| 2014-06-02 11:38 | dam | Note Added: 0010846 | |||
| 2014-06-02 11:38 | dam | Status | assigned => feedback | ||
| 2016-09-26 17:15 | briandking | Note Added: 0011192 | |||
| 2016-09-27 13:33 | dam | Status | feedback => closed | ||
| 2016-09-27 13:34 | dam | Resolution | open => fixed | ||
| Notes | |||||
|
|
|||||
|
|
||||
|
|
|||||
|
|
||||
|
|
|||||
|
|
||||