Bug 439544 - Remove mod_autoindex.so . . .
Remove mod_autoindex.so . . .
Status: CLOSED DUPLICATE of bug 418701
Product: Dogtag Certificate System
Classification: Community
Component: Apache (Show other bugs)
All Linux
low Severity low
: 1.0
: ---
Assigned To: Matthew Harmsen
Chandrasekar Kannan
Depends On:
  Show dependency treegraph
Reported: 2008-03-28 21:49 EDT by Matthew Harmsen
Modified: 2015-01-04 18:31 EST (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2010-01-22 15:42:02 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Matthew Harmsen 2008-03-28 21:49:33 EDT
+++ This bug was initially created as a clone of Bug #418701 +++

Per  CVE-2007-4465 as documented in bugzilla bug #289511, the mod_autoindex.so
contains a potential security vulnerability.

Since the "mod_autoindex.so" Apache module should not be needed by either the
TPS or the RA, the line referencing "mod_autoindex.so" in both subsystems
httpd.conf files should be removed.

-- Additional comment from mharmsen@redhat.com on 2008-01-10 14:49 EST --
Note that this module is Required for the command 'IndexOptions' in the Apache

Note You need to log in before you can comment on or make changes to this bug.