Correction to the below notice. The link is broken. It should be http://directory.fedora.redhat.com/sources/adminserver10to101.patch And the md5sum is not correct. It should be 1a18195b3bf057139e04852f6f3c0be9 adminserver10to101.patch I apologize for any inconvenience or confusion. --------------------------------------------------------------------- Fedora Directory Server Update Notification 2005-12-07 --------------------------------------------------------------------- Product : Fedora Directory Server Name : Admin Server Version : 1.0 Release : 1 Summary : The Admin Server httpd administrative engine. Description : The Admin Server component of Fedora Directory Server is an httpd server which uses Apache 2 to serve up web pages and execute CGIs used to administer the Fedora Directory Server. This package is included with Fedora Directory Server. --------------------------------------------------------------------- Update Information: Fixed bug #174837 (CVE-2005-3630) https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=174837 Frank Reppin discovered a flaw in the default Apache configuration for Fedora DS. By default clients are allowed to read everything under the document root, which can reveal sensitive information to a remote user. This update modifies this behavior, only allowing read access to specific files and directories under the document root. --------------------------------------------------------------------- This update is a patch file available for download from: http://directory.fedora.redhat.com/download/adminserver10to101.patch 2d7553a300551ef2a19b1b89a017e5ff adminserver20051205.patch To install the patch: cd /opt/fedora-ds patch -p0 < adminserver10to101.patch ./restart-admin
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature