0021651: Vulnerability for CVE-2016-4975

View Issue Details [ Jump to Notes ]

[ Issue History ] [ Print ]

Project

Category

View Status

Date Submitted

Last Update

0021651

ClearOS

httpd

public

2018-10-01 11:40

2019-02-23 15:11

Reporter

dloper

Assigned To

dloper

Priority

normal

Severity

minor

Reproducibility

always

Status

closed

Resolution

suspended

Platform

OS Version

Product Version

7.4.0

Target Version

7.6.0 Updates

Fixed in Version

Summary

0021651: Vulnerability for CVE-2016-4975

Description

CVE-2016-4975 creates a vulnerability in httpd and webconfig-httpd. This old bug has not been addressed by Redhat or CentOS communities at this time.

https://bugzilla.redhat.com/show_bug.cgi?id=1375968 [^]

https://access.redhat.com/security/cve/cve-2016-4975 [^]

We may need to fork if upstream is not forthcoming with a fix for this issue.

Additional Information

Redhat has backported this fix into https://access.redhat.com/errata/RHSA-2018:2185 [^]

But has not ported this to httpd yet.

Tags

No tags attached.

Attached Files

Relationships

Notes
(0009401) dloper (administrator) 2019-02-23 15:11	Migrated to: https://gitlab.com/clearos/clearfoundation/app-web-server/issues/3 [^]

Issue History
Date Modified	Username	Field	Change
2018-10-01 11:40	dloper	New Issue
2018-10-01 12:10	user2	Status	new => confirmed
2018-10-30 18:07	user2	Severity	major => minor
2018-10-30 18:08	user2	Target Version	7.5.0 Updates => 7.6.0 Updates
2019-02-23 15:11	dloper	Note Added: 0009401
2019-02-23 15:11	dloper	Status	confirmed => closed
2019-02-23 15:11	dloper	Assigned To	=> dloper
2019-02-23 15:11	dloper	Resolution	open => suspended

Community Forums

ClearOS Portal

ClearVM Platform

ClearVM 2 Platform

ClearOS Bug Tracker

Sitemap

Foundation

Company

Partners

Purchase

Contact Us