Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 70138 - net-www/apache-2: DoS vulnerability
Summary: net-www/apache-2: DoS vulnerability
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All All
: High normal (vote)
Assignee: Gentoo Security
URL: http://lists.netsys.com/pipermail/ful...
Whiteboard: A3 [glsa] vorlon
Keywords:
: 81348 (view as bug list)
Depends on:
Blocks:
 
Reported: 2004-11-05 01:12 UTC by Hanno Böck
Modified: 2005-02-09 05:01 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Hanno Böck gentoo-dev 2004-11-05 01:12:03 UTC 
apache has a problem with connections containing a lot of spaces, which will cause the server to stop responding for a while.
See FD-link for details
Comment 1 Matthias Geerdsen (RETIRED) gentoo-dev 2004-11-05 01:19:31 UTC 
opening the bug, since this is public already

this is CAN-2004-0942 btw

apache team, please provide an updated ebuild
Comment 2 Matthias Geerdsen (RETIRED) gentoo-dev 2004-11-05 07:12:25 UTC 
urilith has provided 2.0.52-r1 including the fix

arches please test and mark stable

current KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86"
target KEYWORDS="alpha amd64 arm hppa ia64 mips ppc ppc64 s390 sparc x86"
Comment 3 Matthias Geerdsen (RETIRED) gentoo-dev 2004-11-05 07:13:57 UTC 
forgot to add x86 ;-)
Comment 4 Gustavo Zacarias (RETIRED) gentoo-dev 2004-11-05 09:21:35 UTC 
sparc tasty.
Comment 5 Jochen Maes (RETIRED) gentoo-dev 2004-11-05 11:49:16 UTC 
stable on ppc
Comment 6 Markus Rothe (RETIRED) gentoo-dev 2004-11-05 12:54:51 UTC 
stable on ppc64
Comment 7 Bryan Østergaard (RETIRED) gentoo-dev 2004-11-05 16:38:22 UTC 
Stable on alpha.
Comment 8 Olivier Crete (RETIRED) gentoo-dev 2004-11-05 17:20:08 UTC 
x86 there
Comment 9 Joshua Kinard gentoo-dev 2004-11-07 15:28:21 UTC 
mips stable.
Comment 10 Simon Stelling (RETIRED) gentoo-dev 2004-11-09 09:34:48 UTC 
stable on amd64
Comment 11 SpanKY gentoo-dev 2004-11-09 21:59:11 UTC 
everyone is stable now baby
Comment 12 Matthias Geerdsen (RETIRED) gentoo-dev 2004-11-10 09:04:52 UTC 
thanks everyone

GLSA 200411-18
Comment 13 Matthias Geerdsen (RETIRED) gentoo-dev 2005-02-09 05:01:31 UTC 
*** Bug 81348 has been marked as a duplicate of this bug. ***