Hi, John wrote:
From: Reto Inversini <inversini@datacomm.ch>
To: suse-security@suse.com
Date: Wednesday, July 27, 2005, 11:02:54 PM
Subject: [suse-security] apache2 patch
Wednesday, July 27, 2005, 11:02:54 PM, you wrote:
John wrote:
hello all
Hi John
I noticed that /usr/sbin/httpd2-prefork has new timestamp (22/jul) but the same size (in bytes) with the older one.
AFAIK the patch was just a small one, the vulnerability is an off-by-one error in mod_ssl. What exactly has changed can be found here:
http://svn.apache.org/viewcvs.cgi/httpd/httpd/trunk/modules/ssl/ssl_engine_k...
Can anyone explain to me what this means? How has the patch fit in that binary while the size remains the same?
If you want to be totally sure, and if you have got the changed binary in your chroot environment, calculate an md5 hash over the old and the new file; the md5sums should differ.
Regards Reto
OK, I saw that piece of code. But how can the binary be the same?
YOU downloaded the apache2-prefork*.rpm and apache2-*.rpm.
The above rpms installed at once. So the old binaries must have been overwritten, but they have exactly the same size.
Can you imagine that a "Decrement and jump if zero" and a "Jump if zero" in assembler might be the same size? So, referring to the patch, I can really imagine that the file size might be the same. But I guess there would be 2 bytes different in the binary.
md5sum outputs the hash of the file size; I will then receive the same hash for the old and the new binary httpd2-prefork, won't I?
Definitely not. Check out RFC 1321. Greetings Dirk
--
TRIA IT-consulting GmbH, Joseph-Wild-Straße 20, 81829 München, Germany
http://www.tria.de
Message from: Dirk.Schreiner@tria.de
Message to: isofroni@cc.uoi.gr, suse-security@suse.com
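The check discussed in this thread, as an added example that is not part of the original messages: two constructed stand-in files of identical size that differ in two bytes are compared by size, by MD5 digest, and byte by byte. The file contents and the helper names (`make_samples`, `compare_binaries`, and so on) are assumptions made for the illustration; real use would pass the saved old binary and the newly installed one.

```shell
#!/bin/sh
# Constructed stand-ins for the old and new httpd2-prefork: identical except
# for two bytes, so the file size does not change.
make_samples() {
    dir=$1
    printf 'HEADER....\164\005....TRAILER\n' > "$dir/httpd2-prefork.old"
    printf 'HEADER....\165\006....TRAILER\n' > "$dir/httpd2-prefork.new"
}

# Size in bytes, as reported by wc.
file_size() { wc -c < "$1" | tr -d ' '; }

# MD5 digest over the file *content* (RFC 1321), not over its size.
file_md5() { md5sum "$1" | cut -d' ' -f1; }

# cmp -l prints one line per differing byte position.
diff_bytes() { cmp -l "$1" "$2" 2>/dev/null | wc -l | tr -d ' '; }

# Summarise: size equal or not, digest equal or not, number of changed bytes.
compare_binaries() {
    old=$1
    new=$2
    if [ "$(file_size "$old")" = "$(file_size "$new")" ]; then
        size=same-size
    else
        size=size-differs
    fi
    if [ "$(file_md5 "$old")" = "$(file_md5 "$new")" ]; then
        hash=same-md5
    else
        hash=md5-differs
    fi
    echo "$size $hash $(diff_bytes "$old" "$new")-bytes-changed"
}

tmp=$(mktemp -d)
make_samples "$tmp"
compare_binaries "$tmp/httpd2-prefork.old" "$tmp/httpd2-prefork.new"
rm -rf "$tmp"
```
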