What's with the Apache update in YOU?
Ok, what did I miss? I just started YOU on a 7.2 box and I see Apache-259 in there, saying: "Security update: fixing a remotely exploitable overflow in the session handling code." Were's the sec-announcement for this, or did I miss it? After a search in my suse-sec-annouce folder, the only thing I can find that hints at this is: -- ------------------------------------------------- Jonathan Wilson System Administrator Central Texas IT Clickpatrol.com Cedar Creek Software http://www.cedarcreeksoftware.com
Sorry, accidently hit ^[return] before I was done... JW >Ok, what did I miss? JW > JW >I just started YOU on a 7.2 box and I see Apache-259 in there, saying: JW > JW >"Security update: fixing a remotely exploitable overflow in the session JW >handling code." JW > JW >Were's the sec-announcement for this, or did I miss it? JW >After a search in my suse-sec-annouce folder, the only thing I can find that JW >hints at this is ... is the mod_ssl section of SuSE-SA:2002:009. Could we have more details please? I just ran YOU and if this patch was in there I sure overlooked it. I'm not saying I didn't overlook something but... if I did, what, where is it? We have a custom-compiled PHP on most of our servers, is this update going to break that? -- ------------------------------------------------- Jonathan Wilson System Administrator Central Texas IT Clickpatrol.com Cedar Creek Software http://www.cedarcreeksoftware.com
Ok, what did I miss?
I just started YOU on a 7.2 box and I see Apache-259 in there, saying:
"Security update: fixing a remotely exploitable overflow in the session handling code."
Were's the sec-announcement for this, or did I miss it? After a search in my suse-sec-annouce folder, the only thing I can find that hints at this is:
The security announcement will be published today. It was planned for yesterday, but libz/zlib went out first. Roman.
participants (2)
-
JW -
Roman Drahtmueller