Bug 207922 - CVE-2005-3352, CVE-2006-3918 apache security issues
Summary: CVE-2005-3352, CVE-2006-3918 apache security issues
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Stronghold for Red Hat Linux
Classification: Retired
Component: stronghold-apache
Version: 4.0
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Joe Orton
QA Contact: Stronghold Engineering List
URL:
Whiteboard: impact=moderate,public=20051212,repor...
: 204049 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-09-25 13:11 UTC by Joe Orton
Modified: 2007-04-18 17:50 UTC (History)
2 users (show)

Fixed In Version: RHSA-2006-0692
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-09-29 15:47:21 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2006:0692 0 normal SHIPPED_LIVE Important: apache security update for Stronghold 2006-09-29 04:00:00 UTC

Description Joe Orton 2006-09-25 13:11:46 UTC 
Description of problem:
The following issues affect the stronghold-apache package:

CVE-2006-3918 Expect header XSS
CVE-2005-3352 cross-site scripting flaw in mod_imap

Version-Release number of selected component (if applicable):
stronghold-apache-1.3.22-25
Comment 3 Red Hat Bugzilla 2006-09-29 15:47:21 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2006-0692.html
Comment 4 Joe Orton 2007-01-30 15:40:15 UTC 
*** Bug 204049 has been marked as a duplicate of this bug. ***
Note You need to log in before you can comment on or make changes to this bug.