net-www/apache-1.3.34-r10: vulnerable via glsa(200602-03) ( ver-rev < 2.0.55-r1 && not ( ver = 2.0.54 && ver-rev => 2.0.54-r16 ) && ver-rev not = 1.3.34-r2 && not ( ver = 1.3.34 && ver-rev => 1.3.34-r11 ) ), affects ('alpha', 'amd64', 'arm', 'hppa', 'ia64', 'mips', 'ppc', 'ppc64', 's390', 'sh', 'sparc', 'x86') net-www/mod_auth_pgsql-0.9.12-r1: vulnerable via glsa(200601-05) ( ver < 2.0.3 ), affects ('amd64', 'x86') net-www/mod_auth_pgsql-2.0.2-r2: vulnerable via glsa(200601-05) ( ver < 2.0.3 ), affects ('amd64', 'ppc', 'sparc', 'x86') www-apache/libapreq2-2.04.03: vulnerable via glsa(200604-08) ( ver < 2.07 ), affects ('amd64', 'x86') www-apache/libapreq2-2.06: vulnerable via glsa(200604-08) ( ver < 2.07 ), affects ('alpha', 'amd64', 'ppc', 'sparc', 'x86') Please, clean up the above. Thanks! arm, s390, sh still needs to stabilize net-www/apache-1.3.34-r11, CCing.
I just removed mod_auth_pgsql-2.0.2-r2. mod_auth_pgsql-0.9.12 is the only version that works with apache 1.3, so I am hesitant to remove it. The security advisory doesn't mention 0.9.12 at all, so it might be that it's not affected (this needs to be looked into however)
libapreq2 is herd perl, not apache.
Done. Removed www-apache/libapreq2-2.04.03 and www-apache/libapreq2-2.06. Removing perl@g.o from CC now, please re-add if needed.
(In reply to comment #1) > mod_auth_pgsql-0.9.12 is the only version that works with apache 1.3, so I am > hesitant to remove it. The security advisory doesn't mention 0.9.12 at all, so > it might be that it's not affected (this needs to be looked into however) @security: Can you fix the GLSA-200601-05, please?
> @security: Can you fix the GLSA-200601-05, please? > that's now corrected in CVS, thanks
Removing security from CC. Please readd us if needed.
arm, s390, sh: please stable net-www/apache-1.3.34-r14, thanks! Best regards, CHTEKK.
done
Closing! Best regards, CHTEKK.
Uhm, would help to punt the vulnerable versions before closing this one ;) net-www/apache-1.3.34-r10: vulnerable via glsa(200602-03) ( ver-rev < 2.0.55-r1 && not ( ver = 2.0.54 && ver-rev >= 2.0.54-r16 ) && ver-rev not = 1.3.34-r2 && not ( ver = 1.3.34 && ver-rev >= 1.3.34-r11 ) && ver not = 1.3.37 ), affects ('alpha', 'amd64', 'arm', 'hppa', 'ia64', 'mips', 'ppc', 'ppc64', 's390', 'sh', 'sparc', 'x86') net-www/apache-1.3.34-r10: vulnerable via glsa(200608-01) ( ver-rev < 2.0.58-r2 && not ( ver = 1.3.34 && ver-rev >= 1.3.34-r14 ) && ver not = 1.3.37 ), affects ('alpha', 'amd64', 'arm', 'hppa', 'ia64', 'mips', 'ppc', 'ppc64', 's390', 'sh', 'sparc', 'x86') net-www/apache-1.3.34-r11: vulnerable via glsa(200608-01) ( ver-rev < 2.0.58-r2 && not ( ver = 1.3.34 && ver-rev >= 1.3.34-r14 ) && ver not = 1.3.37 ), affects ('alpha', 'amd64', 'arm', 'hppa', 'ia64', 'mips', 'ppc', 'ppc64', 's390', 'sh', 'sparc', 'x86') net-www/apache-2.0.54-r31: vulnerable via glsa(200608-01) ( ver-rev < 2.0.58-r2 && not ( ver = 1.3.34 && ver-rev >= 1.3.34-r14 ) && ver not = 1.3.37 ), affects ('alpha', 'amd64', 'arm', 'hppa', 'ia64', 'mips', 'ppc', 'ppc64', 's390', 'sh', 'sparc', 'x86') net-www/apache-2.0.58: vulnerable via glsa(200608-01) ( ver-rev < 2.0.58-r2 && not ( ver = 1.3.34 && ver-rev >= 1.3.34-r14 ) && ver not = 1.3.37 ), affects ('alpha', 'amd64', 'arm', 'hppa', 'ia64', 'mips', 'ppc', 'ppc64', 's390', 'sh', 'sparc', 'x86', 'x86-fbsd')
Old apache versions removed.
