Re: fedora-legacy-list digest, Vol 1 #74 - 24 msgs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Date: Tue, 27 Jan 2004 12:12:32 -0500 (EST)
From: John Jasen <jjasen@xxxxxxxxxxxxxxxxxx>
To: fedora-legacy-list@xxxxxxxxxx
Subject: apache httpd and slocate
Reply-To: fedora-legacy-list@xxxxxxxxxx


slocate: https://rhn.redhat.com/errata/RHSA-2004-041.html


Looks liked 7.x and above might be affected?

httpd: https://rhn.redhat.com/errata/RHSA-2003-320.html

Looks like 8 and above?

That's my take on it. It looks like 7.3 is already fixed, anyway.


"An issue in the handling of regular expressions from configuration files
was discovered in releases of the Apache HTTP Server version 2.0 prior to
2.0.48. [...] The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2003-0542 to this issue."


$ cat /etc/redhat-release
Red Hat Linux release 7.3 (Valhalla)
$ rpm -q apache
apache-1.3.27-4
$ rpm -q --changelog apache | head
* Thu Nov 13 2003 Joe Orton <jorton@xxxxxxxxxx> 1.3.27-4

- add security fix for CVE CAN-2003-0542

* Tue Aug 26 2003 Joe Orton <jorton@xxxxxxxxxx> 1.3.27-3

- add security fixes for CVE CAN-2003-0020, CERT VU#379828
- add bug fixes for #60281

* Wed Oct 23 2002 Nalin Dahyabhai <nalin@xxxxxxxxxx> 1.3.27-2
$

"A bug in the CGI daemon-based 'mod_cgid' module was discovered that can
result in CGI script output being sent to the wrong client."

$ ls -l /etc/httpd/modules/mod_cgid.so
ls: /etc/httpd/modules/mod_cgid.so: No such file or directory
$ ls -l /etc/httpd/modules/mod_cgi*.so
-rwxr-xr-x 1 root root 14940 Dec 10 05:05 /etc/httpd/modules/mod_cgi.so
$






[Index of Archives]     [Fedora Development]     [Fedora Announce]     [Fedora Legacy Announce]     [Fedora Config]     [PAM]     [Fedora General Discussion]     [Big List of Linux Books]     [Gimp]     [Yosemite Questions]

  Powered by Linux