Comments

13 Comments

Warnings/spec errors are irrelevant to the update at hand, fixed in: https://src.fedoraproject.org/rpms/mod_cluster/c/f80f0aa0fdf38d517946c21fc924d03f116e1592?branch=f28

BZ#1374210 CVE-2016-3110 mod_cluster: remotely Segfault Apache http server [fedora-all]
BZ#1708248 Segfaults in Apache after updating packages (using mod_cluster and mod_ssl)

Warnings/spec errors are irrelevant to the update at hand, fixed in: https://src.fedoraproject.org/rpms/mod_cluster/c/f80f0aa0fdf38d517946c21fc924d03f116e1592?branch=f30

BZ#1374210 CVE-2016-3110 mod_cluster: remotely Segfault Apache http server [fedora-all]
BZ#1708248 Segfaults in Apache after updating packages (using mod_cluster and mod_ssl)
BZ#1374210 CVE-2016-3110 mod_cluster: remotely Segfault Apache http server [fedora-all]
BZ#1708248 Segfaults in Apache after updating packages (using mod_cluster and mod_ssl)
karma

The package is correct in the respect that it follows the latest Fedora mod_cluster overhaul, but there is a one last step necessary for it to release:

  • disable java-tomcat8 subpackae, enable tomcat 7
  • swap maven macros that disable tomcat 6 and tomcat 7 and enable tomcat 8 so as they disable tomcat 6 and tomcat 8 and enable tomcat 7

Cheers -K-

Dear Lef,

EPEL6 is not in its current disastrous state by design but by my utter failure to attend to it. I finished a complete overhaul of mod_cluster in Fedora back in the day, but have never gone all the way to EPEL6.

If you could lend a hand here, it will be immensely appreciated.

Cheers K.

karma

This is an invalid version. 1.2.6 contains remote exploit vulnerabilities and serious performance drawbacks as well as crippling functional errors. The oldest acceptable version is 1.3.3, preferably 1.3.5.

Please, follow Fedora 24/25 mod_cluster package.

karma

+1

BZ#1397493 CVE-2016-6816 CVE-2016-6817 CVE-2016-8735 tomcat: various flaws [fedora-all]
karma

+1

BZ#1397495 CVE-2016-6816 CVE-2016-8735 tomcat: various flaws [epel-6]

Works on my test VM, both update and clean install, httpd + tomcat 8.

BZ#1368613 mod_cluster: Update to 1.3.3.Final

Dear Bodhi, push to updates-testing, please :-)

Dear Bodhi, push to updates-testing, please :-)

This update has been unpushed.

I, the Submitter, posted the previous "anonymous" comment. I just wasn't logged in...