Hi,
This new CVE just popped up on my PCI compliance radar and Redhat's description of the CVE:
https://access.redhat.com/security/cve/CVE-2012-0883
simply indicates that RHEL 3,4,5,6 aren't vulnerable. Our PCI compliance officer is probably going to expect a little more detail than that. Does anyone have any insight into the CVE and how I can confidently appeal such a perceived vulnerability on CentOS 5?
Thanks in advance...
CVE-2012-0883
CVE-2012-0883
The Red Hat bugzilla entry [url=https://bugzilla.redhat.com/show_bug.cgi?id=813559]https://bugzilla.redhat.com/show_bug.cgi?id=813559[/url] states that Red Hat/Fedora httpd packages are patched to disable the feature that contains the security flaw.
Re: CVE-2012-0883
Thanks...when I looked up the bugzilla report yesterday, bugzilla wasn't working...