SPEC: http://repo.virer.net/PackagesReviews/2012082217/mod_rpaf.spec SRPMS: http://repo.virer.net/PackagesReviews/2012082217/mod_rpaf-0.6-1.el6.src.rpm Description: mod_rpaf changes the remote address of the client visible to other Apache modules when two conditions are satisfied. First condition is that the remote client is actually a proxy that is defined in httpd configuration file. Secondly if there is an incoming X-Forwarded-For header and the proxy is in it's list of known proxies it takes the last IP from the incoming X-Forwarded-For header and changes the remote address of the client in the request structure. It also takes the incoming X-Host header and updates the virtual host settings accordingly. For Apache2 mod_proxy it takes the X-Forwared-Host header and updates the virtual hosts. Fedora Account System Username: virer
el6 build ok http://koji.fedoraproject.org/koji/taskinfo?taskID=4434512
Is this version vulnerable to CVE-2012-3526? http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3526
It is not affected since this version does not use debian custom patch
Since I still lack of sponsor and I have no more time to spend on it, I close it.