On Tue, Nov 05, 2002 at 12:17:46AM +0200, George Karaolides wrote: > 1. The debs I build from the Debian apache source package come out with > version number 1.3.26-0woody1 whereas the debs released to cover this > vulnerability have version 1.3.26-0woody3. Why is this? Have the source > packages not been updated?
You must have downloaded an older source package. Use the URLs in the advisory to get 1.3.26-0woody3. > 2. (Related) Are the binary debs I build from the current debian > 1.3.26 source package safe from this vulnerability? You should use the latest package from security.debian.org. -- - mdz
