Hi, Roman Drahtmueller wrote:
Unless I see the exploit working, I don't believe it.
This, however, does not have any influence on the severity of the bug: a _possible_ code execution vulnerability is just as bad as an evident code execution vulnerability.
so, would it mean much work to compile RPMs for a 3.1.26 apache for all SuSE versions? Or are there just to many dependencies? For a quick fix I just compiled apache 3.1.26 using the config.status from SuSE and exhanged the binary and the modules, seems to run fine. However, I don't use much additional mod packages like php4 etc... cu, Frank -- Dipl.-Inform. Frank Steiner mailto:fst@informatik.uni-kiel.de Lehrstuhl f. Programmiersprachen mailto:fsteiner@web.de CAU Kiel, Olshausenstraße 40 Phone: +49 431 880-7265, Fax: -7613 D-24098 Kiel, Germany http://www.informatik.uni-kiel.de/~fst/