Mantis - apache2
|
|||||
Viewing Issue Advanced Details | |||||
|
|||||
ID: | Category: | Severity: | Reproducibility: | Date Submitted: | Last Update: |
5174 | upgrade | minor | have not tried | 2014-05-26 15:17 | 2016-09-27 13:34 |
|
|||||
Reporter: | briandking | Platform: | |||
Assigned To: | dam | OS: | |||
Priority: | normal | OS Version: | |||
Status: | closed | Product Version: | |||
Product Build: | Resolution: | fixed | |||
Projection: | none | ||||
ETA: | none | Fixed in Version: | |||
|
|||||
Summary: | 0005174: Update mod_ssl to be based on openssl 1.0.1g for heartbleed bug | ||||
Description: |
Mod_ssl packaged with the current CSWapache2 appears to be based on a version of openssl that was vulnerable to the heartbleed bug: bash-3.2# strings /opt/csw/apache2/libexec/mod_ssl.so | grep -i openssl ... OpenSSL 1.0.1f 6 Jan 2014 A newer version of the apache 2.2 line is released as well, which contains a couple of security fixed. CSWapache2 is currently at 2.2.26 and the current apache release is 2.2.27: http://www.apache.org/dist/httpd/Announcement2.2.html [^] |
||||
Steps To Reproduce: | |||||
Additional Information: | |||||
Relationships | |||||
Attached Files: | |||||
|
|||||
Issue History | |||||
Date Modified | Username | Field | Change | ||
2014-05-26 15:17 | briandking | New Issue | |||
2014-06-02 09:13 | dam | Status | new => assigned | ||
2014-06-02 09:13 | dam | Assigned To | => dam | ||
2014-06-02 09:20 | dam | Note Added: 0010844 | |||
2014-06-02 11:38 | dam | Note Added: 0010846 | |||
2014-06-02 11:38 | dam | Status | assigned => feedback | ||
2016-09-26 17:15 | briandking | Note Added: 0011192 | |||
2016-09-27 13:33 | dam | Status | feedback => closed | ||
2016-09-27 13:34 | dam | Resolution | open => fixed |
Notes | |||||
|
|||||
|
|
||||
|
|||||
|
|
||||
|
|||||
|
|