View Issue Details

IDProjectCategoryView StatusLast Update
0018108CentOS-8httpdpublic2021-03-18 12:02
Reportercnd Assigned To 
PriorityhighSeveritycrashReproducibilityhave not tried
Status newResolutionopen 
Product Version8.3.2011 
Summary0018108: Multiple CVE security issues not addressed in current release
DescriptionYou are 5 releases behind, and looking at the current distro release notes ( http://archive.apache.org/dist/httpd/CHANGES_2.4.46 ) there is at least one important security problem which I do not see any patch or solution for in the current release ( https://git.centos.org/rpms/httpd/blob/c8s-stream-2.4/f/SOURCES ) - including the most recent ( CVE-2020-11984 ) which contains data leakage and remote-code-execution vulnerabilities.
Steps To Reproducegit clone -b c8s-stream-2.4 https://git.centos.org/rpms/httpd.git
grep -r 11984 .
TagsNo tags attached.

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2021-03-18 12:02 cnd New Issue