336030 – <www-servers/apache-2.2.16: CVE-2010-1452, CVE-2010-2068

Bug 336030 - <www-servers/apache-2.2.16: CVE-2010-1452, CVE-2010-2068

Summary: <www-servers/apache-2.2.16: CVE-2010-1452, CVE-2010-2068

Status:	RESOLVED DUPLICATE of bug 330195

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2010-09-04 21:18 UTC by alex
Modified:	2010-09-04 21:32 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description alex 2010-09-04 21:18:10 UTC

two security bugs in apache
CVE-2010-1452: a remote denial of service bug in mod_cache and mod_dav
http://www.securityfocus.com/bid/41963
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452

CVE-2010-2068: issue within mod_proxy_ajp, mod_proxy_http, mod_reqtimeout
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2068

Both CVEs are fixed in 2.2.16 which is already stable in portage

Comment 1 Alex Legler (RETIRED) archtester

2010-09-04 21:32:31 UTC

This particular issue has already been reported. You will be automatically put into CC on the original bug.

Please be sure to search for existing reports first next time to avoid filing duplicates. (When searching for CVEs enter "CVE 2010 1452" without dashes for best results.) Thanks!


*** This bug has been marked as a duplicate of bug 330195 ***