The ebuild is in the tree already since maybe three weeks or so, running it in production since 2 weeks. Can we proceed with stabilisation? Reproducible: Always
Arches please test and mark stable the following packages: =app-admin/apache-tools-2.2.31 =www-servers/apache-2.2.31 with target KEYWORDS: alpha amd64 arm ~arm64 hppa ia64 ~mips ppc ppc64 ~s390 ~sh sparc x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd
amd64 stable
Stable on alpha.
x86 stable
Version - 2.2.31 not security problems Version - 2.2.30 CVE-2015-3183,
CVE-2015-3183 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3183): The chunked transfer coding implementation in the Apache HTTP Server before 2.4.14 does not properly parse chunk headers, which allows remote attackers to conduct HTTP request smuggling attacks via a crafted request, related to mishandling of large chunk-size values and invalid chunk-extension characters in modules/http/http_filters.c.
Stable for HPPA.
Stable for PPC64.
ia64 stable
arm stable
ppc stable
sparc stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.
New GLSA Request filed. Maintainer(s), please drop the vulnerable version(s).
Maintainer(s), please drop the vulnerable version(s).
Maintainer(s), Thank you for you for cleanup.
This issue was resolved and addressed in GLSA 201610-02 at https://security.gentoo.org/glsa/201610-02 by GLSA coordinator Kristian Fiskerstrand (K_F).