Am 22.03.2009 um 20:40 schrieb Rob Townley: > http://httpd.apache.org/security/vulnerabilities_20.html > > states that Apache 2.0.52 is 4 years old and the latest version is > 2.0.68. > i am no longer a httpd expert, but at least one of the security fixes > involves XSS attacks via malformed ftp commands. I also realize that > redhat / centos may patch things separately from Apache and that the > sysadmin has a great deal to do with how secure things are, but > almost 5 years? > Download the src-RPM and make a checklist which CVEs are fixed and which not. (It's in a changelog-file somewhere - I don't remember the details, it's a while that I actually looked) Then, return here. Best Regards, Rainer _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: Backporting and Apache 2.0.52 is 4 1/2 years old
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: CentOS mailing list <centos@xxxxxxxxxx>
- Subject: Re: Backporting and Apache 2.0.52 is 4 1/2 years old
- From: Rainer Duffner <rainer@xxxxxxxxxxxxxxx>
- Date: Sun, 22 Mar 2009 21:13:10 +0100
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <7e84ed60903221240q43d5ff31v2a97a0cd762597da@xxxxxxxxxxxxxx>
- References: <7e84ed60903221240q43d5ff31v2a97a0cd762597da@xxxxxxxxxxxxxx>
- Follow-Ups:
- Re: Backporting and Apache 2.0.52 is 4 1/2 years old
- From: Les Mikesell
- Re: Backporting and Apache 2.0.52 is 4 1/2 years old
- References:
- Backporting and Apache 2.0.52 is 4 1/2 years old
- From: Rob Townley
- Backporting and Apache 2.0.52 is 4 1/2 years old
- Prev by Date: Backporting and Apache 2.0.52 is 4 1/2 years old
- Next by Date: Re: Backporting and Apache 2.0.52 is 4 1/2 years old
- Previous by thread: Backporting and Apache 2.0.52 is 4 1/2 years old
- Next by thread: Re: Backporting and Apache 2.0.52 is 4 1/2 years old
- Index(es):
 |