ClearOS Bug Tracker

Main | My View | View Issues | Change Log | Roadmap | Repositories
  

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0021651ClearOShttpdpublic2018-10-01 11:402019-02-23 15:11
Reporterdloper 
Assigned Todloper 
PrioritynormalSeverityminorReproducibilityalways
StatusclosedResolutionsuspended 
PlatformOSOS Version
Product Version7.4.0 
Target Version7.6.0 UpdatesFixed in Version 
Summary0021651: Vulnerability for CVE-2016-4975
DescriptionCVE-2016-4975 creates a vulnerability in httpd and webconfig-httpd. This old bug has not been addressed by Redhat or CentOS communities at this time.

https://bugzilla.redhat.com/show_bug.cgi?id=1375968 [^]

https://access.redhat.com/security/cve/cve-2016-4975 [^]

We may need to fork if upstream is not forthcoming with a fix for this issue.
Additional InformationRedhat has backported this fix into https://access.redhat.com/errata/RHSA-2018:2185 [^]

But has not ported this to httpd yet.
TagsNo tags attached.
Attached Files

- Relationships

-  Notes
(0009401)
dloper (administrator)
2019-02-23 15:11

 Migrated to: https://gitlab.com/clearos/clearfoundation/app-web-server/issues/3 [^]

- Issue History
Date Modified Username Field Change
2018-10-01 11:40 dloper New Issue
2018-10-01 12:10 user2 Status new => confirmed
2018-10-30 18:07 user2 Severity major => minor
2018-10-30 18:08 user2 Target Version 7.5.0 Updates => 7.6.0 Updates
2019-02-23 15:11 dloper Note Added: 0009401
2019-02-23 15:11 dloper Status confirmed => closed
2019-02-23 15:11 dloper Assigned To => dloper
2019-02-23 15:11 dloper Resolution open => suspended