Am 31.08.2011 19:31, schrieb Paul W. Frields: > On Wed, Aug 31, 2011 at 05:39:14PM +0200, Reindl Harald wrote: >> this update should be really fast pushed out >> >> the demo-exploit brings down a 4x2.50GHz machine with 8 GB >> RAM in some seconds without having the known workarounds >> or explicit mod_security-Rules in front >> >> -------- Original-Nachricht -------- >> Betreff: [ANNOUNCEMENT] Apache HTTP Server 2.2.20 Released >> Datum: Wed, 31 Aug 2011 07:21:33 -0400 >> Von: Jim Jagielski <jim@xxxxxxxxxxx> >> Antwort an: dev@xxxxxxxxxxxxxxxx >> An: dev@xxxxxxxxxxxxxxxx >> >> Apache HTTP Server 2.2.20 Released > [...snip...] > > The security bug is already being tracked: > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3192 > > I'd expect a new package to be issued shortly. Once that happens, if > you want to contribute to pushing this out, be ready to test the fixed > package and add karma. The process works when people participate we are in production with > 20 servers on F14 since some hours own packages with optimized build-flags based on the Fedora-SPEC-File
Attachment:
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
