Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 204409 (CVE-2007-6421) - www-servers/apache-2.2.X httpd mod_proxy_balancer cross-site scripting (CVE-2007-6421)
Summary: www-servers/apache-2.2.X httpd mod_proxy_balancer cross-site scripting (CVE-2...
Alias: CVE-2007-6421
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High trivial (vote)
Assignee: Gentoo Security
Whiteboard: C4 [noglsa]
Depends on: 204838
  Show dependency tree
Reported: 2008-01-05 10:34 UTC by Lars Hartmann
Modified: 2008-01-28 21:52 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Lars Hartmann 2008-01-05 10:34:14 UTC
There is a cross site scripting vulnerability in mod_proxy_balancer which can be fixed by aplying the following patches:

Reproducible: Always
Comment 1 Lars Hartmann 2008-01-05 10:35:10 UTC
maintainers - please provide an updated ebuild
Comment 2 Benedikt Böhm (RETIRED) gentoo-dev 2008-01-07 23:03:54 UTC
fixed in 2.2.6-r7, see #204838
Comment 3 Benedikt Böhm (RETIRED) gentoo-dev 2008-01-10 16:19:47 UTC
this one is ready
Comment 4 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2008-01-13 14:10:05 UTC
I vote NO.
Comment 5 Pierre-Yves Rofes (RETIRED) gentoo-dev 2008-01-28 21:52:23 UTC
voting NO too, and closing.