88402 – 200310-04 GLSA for apache2 marked as affected on apache1.x too

Bug 88402 - 200310-04 GLSA for apache2 marked as affected on apache1.x too

Summary: 200310-04 GLSA for apache2 marked as affected on apache1.x too

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	GLSA Errors (show other bugs)
Hardware:	All All

Importance:	Normal normal (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2005-04-08 13:30 UTC by -:Szab100:-
Modified:	2005-04-09 10:54 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description -:Szab100:- 2005-04-08 13:30:44 UTC

Hi,


i've the latest stable version of apache1.3.x and the `glsa-check -l` command tells me that my apache is affected by glsa number 200310-04.

As i can see with -d, this bug is only exists in apache2 releases.

I think the problem is this:

 "Vulnerable:        <2.0.48
  Unaffected:        >=2.0.48"

1.3.x is smaller than 2.0.48, so it thinks its affected.. 

It's very important to fix it because i use a script to monitor 'glsa-check -l',  look for '[N]' and send emails if any package is vulnerable.

bye
szab

Comment 1 Thierry Carrez (RETIRED) gentoo-dev

2005-04-09 04:56:03 UTC

There was an error in that (old) GLSA.
I think I fixed it : please sync in an hour and test again.

Comment 2 -:Szab100:- 2005-04-09 10:54:54 UTC

Yes, you made it :)

thanx