[apache2 0005284]: Security Fix for "httpoxy" CVE-2016-5387

Mantis Bug Tracker noreply at opencsw.org
Fri Feb 10 16:56:32 CET 2017


The following issue has been RESOLVED. 
====================================================================== 
https://www.opencsw.org/mantis/view.php?id=5284 
====================================================================== 
Reported By:                briandking
Assigned To:                dam
====================================================================== 
Project:                    apache2
Issue ID:                   5284
Category:                   upgrade
Reproducibility:            always
Severity:                   minor
Priority:                   normal
Status:                     resolved
Resolution:                 fixed
Fixed in Version:           
====================================================================== 
Date Submitted:             2016-09-26 17:19 CEST
Last Modified:              2017-02-10 16:56 CET
====================================================================== 
Summary:                    Security Fix for "httpoxy" CVE-2016-5387
Description: 
Apache should be at version 2.2.32 to fix the latest known security issues
documented here: https://httpd.apache.org/security/vulnerabilities_22.html

In particular, 2.2.31 (currently the latest available on OpenCSW) is
vulnerable to "httpoxy" CVE-2016-5387:
https://www.apache.org/security/asf-httpoxy-response.txt

====================================================================== 

---------------------------------------------------------------------- 
 (0011239) dam (administrator) - 2017-02-10 16:56
 https://www.opencsw.org/mantis/view.php?id=5284#c11239 
---------------------------------------------------------------------- 
Apache 2.2.32,REV=2017.02.10 has been pushed to unstable/.

Thanks for the reminder -- Dago



More information about the bug-notifications mailing list