Hi Users in Apache.org, Greetings from EMC! J We have an issue currently where documentation released from Brocade indicates Apache HTTP V 2.0.50 is listed as non-vulnerable when bundled together with Brocade FOS V7.1.1. As Brocade has listed this as a non-vulnerability, the latest version of the FOS is currently still bundled with Apache HTTP V 2.0.50. (Please refer to the attached listed CVE-2012-0053 in Page 15 onwards on the Vulnerability explanation from Brocade.) However, during the routine Vulnerability Assessment scan, the Apache HTTP V 2.0.50 reflects that this is a vulnerable version. The same is reflected in the Apache HTTP website that this version is vulnerable. Would appreciate advise from Apache.Org team on comments listed by Brocade (whether is it possible for Apache HTTP V2.0.50 not to be vulnerable when bundled with Brocade FOS) so that we may be able to move forward. Thanks for your help in advance and have a good day! J Please do let me know if there are any further clarifications needed to the abovementioned. Tks J Thanks & regards, KEE Siok Kwan, Eva Tel: +65 6692 3829; Cell: +65 9734 6298 |
Attachment:
FOS Vulnerabilities 2014-04-15.pdf
Description: FOS Vulnerabilities 2014-04-15.pdf
--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|