Re: [ANNOUNCEMENT] Apache HTTP Server 2.2.20 Released

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


Am 31.08.2011 22:09, schrieb Paul W. Frields:
> On Wed, Aug 31, 2011 at 08:28:20PM +0200, Reindl Harald wrote:
>>
>>
>> Am 31.08.2011 19:31, schrieb Paul W. Frields:
>>> On Wed, Aug 31, 2011 at 05:39:14PM +0200, Reindl Harald wrote:
>>>> this update should be really fast pushed out
>>>>
>>>> the demo-exploit brings down a 4x2.50GHz machine with 8 GB
>>>> RAM in some seconds without having the known workarounds
>>>> or explicit mod_security-Rules in front
>>>>
>>>> -------- Original-Nachricht --------
>>>> Betreff: [ANNOUNCEMENT] Apache HTTP Server 2.2.20 Released
>>>> Datum: Wed, 31 Aug 2011 07:21:33 -0400
>>>> Von: Jim Jagielski <jim@xxxxxxxxxxx>
>>>> Antwort an: dev@xxxxxxxxxxxxxxxx
>>>> An: dev@xxxxxxxxxxxxxxxx
>>>>
>>>>                   Apache HTTP Server 2.2.20 Released
>>> [...snip...]
>>>
>>> The security bug is already being tracked:
>>> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3192
>>>
>>> I'd expect a new package to be issued shortly.  Once that happens, if
>>> you want to contribute to pushing this out, be ready to test the fixed
>>> package and add karma.  The process works when people participate
>>
>> we are in production with > 20 servers on F14 since some hours
>> own packages with optimized build-flags based on the Fedora-SPEC-File
> 
> Not sure what this had to do with my reply, but in the meantime you
> can use the mitigation that Apache sent out.  I'm doing that on my own
> servers for now

it had to do to say we have 2.2.20 since some hours
so the fedora packages are not interesting me really

it was a friendly reminder because on koji a build is even not started
and with updates-testing it seems to take a long tiem for a critical fix
to get to the users since there is nothing to test

httpd-tools-2.2.20-2.fc14.rh.20110831.x86_64
httpd-2.2.20-2.fc14.rh.20110831.x86_64

  File: „/usr/sbin/httpd“
  Size: 371680          Blocks: 728        IO Block: 4096   reguläre Datei
Device: 811h/2065d      Inode: 385752      Links: 1
Access: (0755/-rwxr-xr-x)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2011-08-31 18:11:58.000000000 +0200
Modify: 2011-08-31 18:11:58.000000000 +0200
Change: 2011-08-31 18:29:40.118166712 +0200

Attachment: signature.asc
Description: OpenPGP digital signature

-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux