I can promise you: It's a real mess! No, I'm afraid we can't make a version upgrade. It will just break, nothing else.
Ok, I understand that! In the meantime I read on the bugtraq that Linux seems not to be vulnerable in the way OpenBDS and FreeBSD are. So I guess, unless sth. else is proven, we can assume the patched Apache to be secure, right?
Yes. I wouldn't insist on the claim that it isn't exploitable on Linux. This was only the first impression. It may turn out to be right - or wrong. Better upgrade the package.
http://online.securityfocus.com/archive/1/278223/2002-06-21/2002-06-27/2
Best regards, Frank
Roman. -- - - | Roman Drahtmüller <draht@suse.de> // "You don't need eyes to see, | SuSE Linux AG - Security Phone: // you need vision!" | Nürnberg, Germany +49-911-740530 // Maxi Jazz, Faithless | - -