FEDORA-2015-06a7c972e8 created by athmane 3 years ago for Fedora 23
obsolete

Add a patch to fix RHBZ #924857 / CVE-2013-0348


  • Add patch to fix RHBZ #887451 / CVE-2012-5640
  • Fix fedora logo issue (RHBZ #1114423).
  • Enable PIE flags (RHBZ #955129)
  • Use systemd for post-rotate script (RHBZ #1218259)
This update has been submitted for testing by athmane. 3 years ago
This update has been pushed to testing. 3 years ago
This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes 3 years ago
User Icon ckujau commented & provided feedback 3 years ago
karma

$ rpm -q thttpd

thttpd-2.25b-36.fc23.i686

$ ls -l /var/log/thttpd.log

-rw-------. 1 thttpd www 858 Dec 7 21:29 /var/log/thttpd.log

BZ#924857 CVE-2013-0348 thttpd: World-readable log file
athmane edited this update. New build(s): - thttpd-2.25b-37.fc23 Removed build(s): - thttpd-2.25b-36.fc23 3 years ago
This update has been submitted for testing by athmane. 3 years ago
This update has obsoleted [thttpd-2.25b-35.fc23](https://bodhi.fedoraproject.org/updates/FEDORA-2015-28076d0830), and has inherited its bugs and notes. 3 years ago
This update has been pushed to testing. 3 years ago
User Icon ckujau commented & provided feedback 3 years ago
karma

thanks!

BZ#924857 CVE-2013-0348 thttpd: World-readable log file
BZ#1114423 broken symlink to poweredby.png
BZ#955129 thttpd package should be built with PIE flags
BZ#1218259 thttpd has incorrect logrotate postrotate script following move to systemd
This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes 2 years ago

Please login to add feedback.

Metadata
Type
security
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Dates
submitted
3 years ago
in testing
3 years ago
modified
3 years ago
BZ#887451 CVE-2012-5640 thttpd: Denial of Service when using glibc, crypt() can return NULL [epel-all]
0
0
BZ#924857 CVE-2013-0348 thttpd: World-readable log file
0
1
BZ#955129 thttpd package should be built with PIE flags
0
1
BZ#1114423 broken symlink to poweredby.png
0
1
BZ#1218259 thttpd has incorrect logrotate postrotate script following move to systemd
0
1

Automated Test Results