[apache2 0005284]: Security Fix for "httpoxy" CVE-2016-5387
Mantis Bug Tracker via bug-notifications
bug-notifications at lists.opencsw.org
Tue Oct 4 14:21:24 CEST 2016
The following issue has been ASSIGNED.
======================================================================
https://www.opencsw.org/mantis/view.php?id=5284
======================================================================
Reported By: briandking
Assigned To: jh
======================================================================
Project: apache2
Issue ID: 5284
Category: upgrade
Reproducibility: always
Severity: minor
Priority: normal
Status: assigned
======================================================================
Date Submitted: 2016-09-26 17:19 CEST
Last Modified: 2016-10-04 14:21 CEST
======================================================================
Summary: Security Fix for "httpoxy" CVE-2016-5387
Description:
Apache should be at version 2.2.32 to fix the latest known security issues
documented here: https://httpd.apache.org/security/vulnerabilities_22.html
In particular, 2.2.31 (currently the latest available on OpenCSW) is
vulnerable to "httpoxy" CVE-2016-5387:
https://www.apache.org/security/asf-httpoxy-response.txt
======================================================================
More information about the bug-notifications
mailing list