Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 51815

Summary: net-www/apache multiple security fixes in 1.3.31
Product: Gentoo Security Reporter: Thierry Carrez (RETIRED) <koon>
Component: GLSA ErrorsAssignee: Gentoo Security <security>
Severity: normal CC: zul
Priority: High    
Version: unspecified   
Hardware: All   
OS: All   
Package list:
Runtime testing required: ---

Description Thierry Carrez (RETIRED) gentoo-dev 2004-05-23 05:46:39 UTC
4 security-related bugs have been corrected in Apache 1.3.31 :

CAN-2003-0993 : Access Control List (ACL) Handling on big-endian 64-bit platforms
CAN-2003-0020 : Error Log Escape Sequence Filtering
CAN-2003-0987 : Nonce Verification in Digest Authentication (mod_digest)
CAN-2004-0174 : Starvation Issue in Serialized accept(2) Handling

Version already in portage, needs stable.
Comment 1 Thierry Carrez (RETIRED) gentoo-dev 2004-05-23 05:49:44 UTC
Adding maintainer to Cc: for information.

Arches (x86,ppc,sparc,mips,alpha,hppa,amd64,ia64) : please test and mark stable accordingly.
Comment 2 Chuck Short (RETIRED) gentoo-dev 2004-05-23 06:24:21 UTC
Already marked stable for x86.
Comment 3 Chuck Short (RETIRED) gentoo-dev 2004-05-23 06:26:56 UTC
Please remember to mark mod_ssl 2.8.17 stable as well for mod_ssl.
Comment 4 Christian Birchinger (RETIRED) gentoo-dev 2004-05-23 12:18:02 UTC
Marked stable for sparc
Comment 5 Bryan Ƙstergaard (RETIRED) gentoo-dev 2004-05-24 01:50:18 UTC
Stable on alpha.
Comment 6 Joshua Kinard gentoo-dev 2004-05-24 01:59:26 UTC
mips is stable on apache & mod_ssl.
Comment 7 Guy Martin (RETIRED) gentoo-dev 2004-05-25 08:03:05 UTC
Marked stable on hppa.
Comment 8 Danny van Dyk (RETIRED) gentoo-dev 2004-05-25 08:12:25 UTC
Marked stable on amd64.
Comment 9 Thierry Carrez (RETIRED) gentoo-dev 2004-05-26 10:42:23 UTC
GLSA 200405-22