Security fix for CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679

How to install

sudo dnf upgrade --advisory=FEDORA-2017-cf9599a306

This update has been submitted for testing by luhliarik.

3 years ago

This update has been pushed to testing.

3 years ago
User Icon cserpentis commented & provided feedback 3 years ago
karma

works fine for me in a VM

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

3 years ago
User Icon robbinespu commented & provided feedback 3 years ago
karma

LGTM

Test Case HTTPd
User Icon jonathancalloway commented & provided feedback 3 years ago
karma

Started HTTPD and tested general functionality. Works fine.

BZ#1463207 CVE-2017-7679 httpd: mod_mime buffer overread
BZ#1463205 CVE-2017-7668 httpd: ap_find_token() buffer overread
BZ#1463199 CVE-2017-7659 httpd: mod_http2 NULL pointer dereference
BZ#1463197 CVE-2017-3169 httpd: mod_ssl NULL pointer dereference
BZ#1463194 CVE-2017-3167 httpd: ap_get_basic_auth_pw() authentication bypass
BZ#1463208 CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 httpd: various flaws [fedora-all]
Test Case HTTPd

This update has been submitted for stable by bodhi.

3 years ago

This update has been pushed to stable.

3 years ago

Please login to add feedback.

Metadata
Type
security
Karma
3
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
3 years ago
in testing
3 years ago
in stable
3 years ago
BZ#1463194 CVE-2017-3167 httpd: ap_get_basic_auth_pw() authentication bypass
0
1
BZ#1463197 CVE-2017-3169 httpd: mod_ssl NULL pointer dereference
0
1
BZ#1463199 CVE-2017-7659 httpd: mod_http2 NULL pointer dereference
0
1
BZ#1463205 CVE-2017-7668 httpd: ap_find_token() buffer overread
0
1
BZ#1463207 CVE-2017-7679 httpd: mod_mime buffer overread
0
1
BZ#1463208 CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 httpd: various flaws [fedora-all]
0
1

Automated Test Results

Test Cases

0 2 Test Case HTTPd