httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Marcus Meissner <meiss...@suse.de>
Subject CVE-2003-1418 - still affects apache 2 current
Date Thu, 01 Sep 2011 12:39:11 GMT
Hi,

CVE-2003-1418, a minor security issue, is still affecting the current codebase.

someone opened a tracker bug a year ago without feedback:
https://issues.apache.org/bugzilla/show_bug.cgi?id=49623

Do you have a statement?

The Qualys security scanner detects and reports this issue and continues
to confuse Apache users :/

The OpenBSD patch referenced adds some hashing and backing store
for the etags.

Ciao, Marcus

Mime
View raw message