Bug 619691 - httpd-2.2.16 released CVE-2010-1452
httpd-2.2.16 released CVE-2010-1452
Status: CLOSED DUPLICATE of bug 618192
Product: Fedora
Classification: Fedora
Component: httpd (Show other bugs)
13
All Linux
low Severity medium
: ---
: ---
Assigned To: Joe Orton
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2010-07-30 03:39 EDT by David
Modified: 2010-08-09 06:55 EDT (History)
3 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2010-08-09 06:55:16 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description David 2010-07-30 03:39:08 EDT
Description of problem:

Its built in koji but there is no pending updates in fedora updates

The Apache HTTP Server Project is proud to announce the release of version 2.2.16 of the Apache HTTP Server ("httpd"). This version is principally a security and bugfix release.

Notably, this release addresses CVE-2010-1452 (cve.mitre.org), a remote denial of service bug in mod_cache and mod_dav. This release further addresses the issue CVE-2010-2068 within mod_proxy_ajp, mod_proxy_http, mod_reqtimeout.

This version of httpd is a major release and the start of a new stable branch, and represents the best available version of Apache HTTP Server. New features include Smart Filtering, Improved Caching, AJP Proxy, Proxy Load Balancing, Graceful Shutdown support, Large File Support, the Event MPM, and refactored Authentication/Authorization.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Joe Orton 2010-07-30 09:27:49 EDT
Thanks.  For the record the link to the build is here:

https://koji.fedoraproject.org/koji/buildinfo?buildID=186701

if you have tested this build please leave feedback here.
Comment 2 Joe Orton 2010-07-30 10:59:56 EDT
Note that CVE-2010-2068 does not affect Unix.
Comment 3 David 2010-08-06 00:56:04 EDT
Hi Joe,

Works perfectly.  Is it going to be put into admin updates for fedora 13, as soon as its listed I can give +1 karma.

I assume a FC12 will also get built, not seen one in koji yet?
Comment 4 Joe Orton 2010-08-09 06:55:16 EDT
On its way.  Marking this as a dupe of the tracker bug.

*** This bug has been marked as a duplicate of bug 618192 ***

Note You need to log in before you can comment on or make changes to this bug.