Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM Rational ClearQuest (CVE-2015-1829)

Summary

IBM HTTP Server is shipped as a component of IBM Rational ClearQuest. Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin.

Vulnerability Details

Please consult the Security Bulletin: Potential denial of service may affect IBM HTTP Server on Windows (CVE-2015-1829) for vulnerability details and information about fixes.

Affected Products and Versions

IBM Rational ClearQuest, Web server component.

Versions 8.0.0.x, 8.0.1.x:

This vulnerability only applies to the Web server component.
Versions 7.1.x.x:

This vulnerability only applies to the Web server component.

Remediation/Fixes

Review the security bulletin referenced above and apply the relevant fixes to your IBM HTTP Server installation used for ClearQuest.

Affected Versions

|

** Applying the fix**

—|—
7.1.0.x, 7.1.1.x, and 7.1.2.x| Document 1390803 explains how to update IBM HTTP Server for ClearQuest Web Servers at release 7.1.x. Consult those instructions when applying the fix.
8.0.0.x
8.0.1.x| Apply the appropriate IBM HTTP Server fix directly to your CQ Web server host. No ClearQuest-specific steps are necessary.