Bug 1338666
Summary: | httpd changelog typo relative to CVE-2014-0226 | ||
---|---|---|---|
Product: | [JBoss] JBoss Enterprise Application Platform 6 | Reporter: | Michal Karm Babacek <mbabacek> |
Component: | Apache Server (httpd) and Connectors | Assignee: | George Zaronikas <gzaronik> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Jan Stefl <jstefl> |
Severity: | low | Docs Contact: | David Michael <dmichael> |
Priority: | low | ||
Version: | 6.4.0 | CC: | csutherl, dsulliva, jclere, jdoyle, jpallich, mturk, pslavice, rsvoboda |
Target Milestone: | DR2 | ||
Target Release: | EAP 6.4.9 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: | Story Points: | --- | |
Clone Of: | 1305629 | Environment: | |
Last Closed: | 2017-01-17 14:48:34 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1305629, 1340913, 1343125 | ||
Bug Blocks: |
Description
Michal Karm Babacek
2016-05-23 08:32:11 UTC
Besides the changelog, the patch has been named CVE-2014-0026.patch as well. To change that in the rpm, we will need a full rebuild on RHEL 5, 6 and 7 and as our regular EAP 6 CP does not include native changes, this will require a one-off effort. For the time being, I've fixed the name of the patch, the patching and the CL entry in distgit: http://pkgs.devel.redhat.com/cgit/rpms/httpd/commit/?h=jb-eap-6.4-rhel-6&id=aa0985f37bee59de1a53b22905b57212a941077f http://pkgs.devel.redhat.com/cgit/rpms/httpd22/commit/?h=jb-eap-6.4-rhel-6&id=85cb4995ccc23fe5412f16813490874fb95c8358 so that any future builds will have the proper CVE number in there. Please also note that after rpms are updated, in order to keep the same MD5sum between the zip and the rpm, we'll need to update the httpd in our RHEL native zips on RHEL 5, 6 and 7 so that they match. Please advise if we're doing this for a one-off. make sure the http://git.app.eng.bos.redhat.com/git/httpd.git contain the right message. it's all in lookaside repo now VERIFIED Retroactively bulk-closing issues from released EAP 6.4 cumulative patches. |