1
Candidate: CVE-2017-12171
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12171
6
httpd does not properly parse comments, resulting in the '#' character
7
in "Allow" statements to accidentally match all IP addresses. This can
8
lead to a bypass of intended security restrictions.
11
mdeslaur> caused by rhel 6.9 specific patch
13
https://bugzilla.redhat.com/show_bug.cgi?id=1493056
15
Discovered-by: KAWAHARA Masashi
20
upstream_apache2: needs-triage
21
precise/esm_apache2: not-affected (code not present)
22
trusty_apache2: not-affected (code not present)
23
xenial_apache2: not-affected (code not present)
24
zesty_apache2: ignored (reached end-of-life)
25
artful_apache2: not-affected (code not present)
26
devel_apache2: not-affected (code not present)