[SECURITY] Fedora Core 4 Test Update: httpd-2.0.54-10.2

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



---------------------------------------------------------------------
Fedora Test Update Notification
FEDORA-2005-849
2005-09-06
---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : httpd
Version     : 2.0.54                      
Release     : 10.2                  
Summary     : Apache HTTP Server
Description :
The Apache HTTP Server is a powerful, full-featured, efficient, and
freely-available Web server. The Apache HTTP Server is also the
most popular Web server on the Internet.

---------------------------------------------------------------------
Update Information:

This update includes two security fixes. An issue was
discovered in mod_ssl where "SSLVerifyClient require" would
not be honoured in location context if the virtual host had
"SSLVerifyClient optional" configured (CAN-2005-2700). An
issue was discovered in memory consumption of the byterange
filter for dynamic resources such as PHP or CGI script
(CAN-2005-2728).
---------------------------------------------------------------------
* Fri Sep  2 2005 Joe Orton <jorton@xxxxxxxxxx> 2.0.54-10.2
- mod_ssl: add security fix for SSLVerifyClient (#167196, CVE CAN-2005-2700)
- add security fix for byterange filter DoS (#167104, CVE CAN-2005-2728)
- add fix for dummy connection handling (#167425)
- mod_ldap/mod_auth_ldap: add fixes from 2.0.x branch (upstream #34209 etc)
- mod_ssl: add fix for handling non-blocking reads


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/testing/4/

88c9dc7a948a62cea2ffb13277910a01  SRPMS/httpd-2.0.54-10.2.src.rpm
478988ab42a03029c8699c291fa1009d  ppc/httpd-2.0.54-10.2.ppc.rpm
306609575dd281ae33dd27da4691a08b  ppc/httpd-devel-2.0.54-10.2.ppc.rpm
c742ad0767f3364b4e396ceed05a7b19  ppc/httpd-manual-2.0.54-10.2.ppc.rpm
c1d1e573fa195b0c2eda8101839b6182  ppc/mod_ssl-2.0.54-10.2.ppc.rpm
6bd85e61482f620a29f3667594486047  ppc/debug/httpd-debuginfo-2.0.54-10.2.ppc.rpm
d3f930f3c97aa01bd770f8720b3b178b  x86_64/httpd-2.0.54-10.2.x86_64.rpm
703c9f70e8f3613f7bc1c0c6ce082c82  x86_64/httpd-devel-2.0.54-10.2.x86_64.rpm
09cee26eb56dda9027c6e55fac27db4b  x86_64/httpd-manual-2.0.54-10.2.x86_64.rpm
30f6ab1c98f37834d4c4013884edc1e7  x86_64/mod_ssl-2.0.54-10.2.x86_64.rpm
d0feb8092ec5074e607536d892598d49  x86_64/debug/httpd-debuginfo-2.0.54-10.2.x86_64.rpm
25ec9c57a593ca361c7242d95b69b951  i386/httpd-2.0.54-10.2.i386.rpm
523575a926b3d6d94b62f82529c1a711  i386/httpd-devel-2.0.54-10.2.i386.rpm
c9a91011459628b797bcad0baff99bf1  i386/httpd-manual-2.0.54-10.2.i386.rpm
829ca7551f4395544a98a486387cf594  i386/mod_ssl-2.0.54-10.2.i386.rpm
5da6482d85a80644b94434080cc9d22c  i386/debug/httpd-debuginfo-2.0.54-10.2.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  You may 
need to edit your up2date channels configuration.  Within 
/etc/sysconfig/rhn/sources enable the following line: 
yum updates-testing http://download.fedora.redhat.com/pub/fedora/linux/core/updates/testing/4/$ARCH
---------------------------------------------------------------------

-- 
fedora-test-list mailing list
fedora-test-list@xxxxxxxxxx
To unsubscribe: 
http://www.redhat.com/mailman/listinfo/fedora-test-list

[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]