In another arena I saw a list of CVEs against Apache 1.3.7. RH73 ships
with Apache 1.3.7-9 so I thought I would query BZ and see what I could
find of these. (I am a BZ newbie when it comes to queries).
CVE-2002-1233 Apache HTTP Server htpasswd and htdigest Multiple
Vulnerabilities
CVE-2004-0748, CVE-2004-0751 Apache HTTP Server mod_ssl Denial of Service
CVE-2003-0083, CVE-2003-0020 Linux/Unix: Apache Escape Sequence
Vulnerabilities
CVE-2003-0993 Apache mod_access Security Bypass
CVE-2004-0700 Apache mod_ssl Format String Vulnerability
Unfortunately I couldn't find any of those in the Comments under Apache
for Fedora Legacy Redhat 7.3. I can't believe that all of those
aren't addressed, so lack of query results suggests to me that I am
missing something. Some of those CVE/CANs are several years old, but
wouldn't the still be in BZ comments somewhere?
-Jim P.
