Summary: | <www-servers/apache-2.4.16: version bump with security fixes (CVE-2015-{0228, 0253, 3183, 3185}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Zoltán Halassy <zhalassy> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | enhancement | CC: | pacho, polynomial-c |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.apache.org/dist/httpd/Announcement2.4.html | ||
Whiteboard: | B3 [glsa cve] | ||
Package list: | Runtime testing required: | --- |
Description
Zoltán Halassy
2015-07-15 11:13:28 UTC
Sorry, accidently linked changelog from apachelounge, ASF changelog can be seen here: http://www.apache.org/dist/httpd/CHANGES_2.4.16 The ebuild used for 2.4.12-r1 seem to work without problems for 2.4.16, without modifications. +*apache-tools-2.4.16 (16 Jul 2015) + + 16 Jul 2015; Lars Wendler <polynomial-c@gentoo.org> + apache-tools-2.4.12.ebuild, +apache-tools-2.4.16.ebuild: + Version bump (bug #554948). Slightly tweaked openssl dependency. + +*apache-2.4.16 (16 Jul 2015) + + 16 Jul 2015; Lars Wendler <polynomial-c@gentoo.org> +apache-2.4.16.ebuild: + Version bump (bug #554948). + No stabilization planned yet. vulnerable versions are gone from the tree Added to existing GLSA. This issue was resolved and addressed in GLSA 201610-02 at https://security.gentoo.org/glsa/201610-02 by GLSA coordinator Kristian Fiskerstrand (K_F). |