osdir.com


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug 61934] New: Impact of CVE-2017-3737 on Apache HTTP Server


https://bz.apache.org/bugzilla/show_bug.cgi?id=61934

            Bug ID: 61934
           Summary: Impact of CVE-2017-3737 on Apache HTTP Server
           Product: Apache httpd-2
           Version: 2.4.1
          Hardware: PC
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Other Modules
          Assignee: bugs@xxxxxxxxxxxxxxxx
          Reporter: ravi_shankar@xxxxxxx
  Target Milestone: ---

Hello,

OpenSSL has recently published information and fixes for CVE-2017-3737
(https://www.openssl.org/news/secadv/20171207.txt). Several OS and product
vendors have issued updates to take care of this. I understand OpenSSL is used
by certain in-built modules in Apache HTTP Server. 

Considering this fact, is Apache HTTP Server affected by the vulnerability?

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: bugs-help@xxxxxxxxxxxxxxxx