Am 20.12.2017 um 00:40 schrieb Tyler Waldo:
Alexander,
These are the only two CVEs from 2016 that I found contained in the RPM
that you referenced.
- add security fix for CVE-2016-5387
- mod_ssl: add security fix for CVE-2016-4979
Tyler Waldo
Information Security Associate
Threat and Vulnerability Management
Mobile: (650) 410-0776
Tyler,
according to https://www-us.apache.org/dist//httpd/CHANGES_2.4 many of
the CVEs you mentioned were fixed in 2.4.24. So 2.4.25 and 2.4.27 used
by the SCL RPMs should cover them.
Alexander
_______________________________________________
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
