CVE-2014-5015 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5015): bozotic HTTP server (aka bozohttpd) before 20140708, as used in NetBSD, truncates paths when checking .htpasswd restrictions, which allows remote attackers to bypass the HTTP authentication scheme and access restrictions via a long path. @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
+ 27 Nov 2014; Michael Palimaka <kensington@gentoo.org> + +bozohttpd-20140708.ebuild: + Version bump wrt bug #518078, solving CVE-2014-5015. Ready to stable, target KEYWORDS="x86".
x86 stable. Maintainer(s), please cleanup. Security, please vote.
+ 12 Dec 2014; Pacho Ramos <pacho@gentoo.org> -bozohttpd-20100621.ebuild, + -bozohttpd-20111118.ebuild: + Drop old +
GLSA vote: no.
GLSA Vote: No, closing noglsa