ClearOS Bug Tracker


View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0021651ClearOShttpdpublic2018-10-01 11:402018-10-30 18:08
Reporterdloper 
Assigned To 
PrioritynormalSeverityminorReproducibilityalways
StatusconfirmedResolutionopen 
PlatformOSOS Version
Product Version7.4.0 
Target Version7.6.0 UpdatesFixed in Version 
Summary0021651: Vulnerability for CVE-2016-4975
DescriptionCVE-2016-4975 creates a vulnerability in httpd and webconfig-httpd. This old bug has not been addressed by Redhat or CentOS communities at this time.

https://bugzilla.redhat.com/show_bug.cgi?id=1375968 [^]

https://access.redhat.com/security/cve/cve-2016-4975 [^]

We may need to fork if upstream is not forthcoming with a fix for this issue.
Additional InformationRedhat has backported this fix into https://access.redhat.com/errata/RHSA-2018:2185 [^]

But has not ported this to httpd yet.
TagsNo tags attached.
Attached Files

- Relationships

-  Notes
There are no notes attached to this issue.

- Issue History
Date Modified Username Field Change
2018-10-01 11:40 dloper New Issue
2018-10-01 12:10 pbaldwin Status new => confirmed
2018-10-30 18:07 pbaldwin Severity major => minor
2018-10-30 18:08 pbaldwin Target Version 7.5.0 Updates => 7.6.0 Updates