The way you can tell is to get the debian source of apache, look at the patch referenced via those URLs and see if it has been applied to the debian source. If it has been, then the problem has been resolved in Debian. If it hasn't been, then either the problem is unknown and you should file a bug against apache (tagging it security), and providing as much information as you can. Or the problem does not affect the particular version of apache in Debian... Do your absolute best to figure out the latter first.
Micah On Wed, 30 Mar 2005, Geoff Crompton wrote: > Does anyone know if apache 1.3 is affected by the issue mentioned at > http://www.securityfocus.com/bid/12877 > > Also, anyone know how Debian stands with this? > -- > Geoff Crompton > Debian System Administrator > Strategic Data > +61 3 9340 9000 > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
