On Thu, Jun 20, 2002 at 03:42:12PM +1200, Jones, Steven wrote: > i think i might just shut apache down until a patch is out there. Or shutdown system for the matter :) But ... > -----Original Message----- > From: John [mailto:[EMAIL PROTECTED] > Sent: Thursday, 20 June 2002 3:29 > To: debian-user@lists.debian.org > Subject: Apache Exploit Released - where is an update for Woody? > There's now an exploit in the wild for Apache (the chunked whatever > bug). The DSA mentions an update which is version 1.3.9-14.1 > > We need a version > 1.2.12, and are running 1.3.23 from woody. Is there > any idea where a patched 1.3.23 for woody might be? Or should I install > from source from apache.org?
The newest ones are always at http://incoming.debian.org apache-common_1.3.26-1_i386.deb 19-Jun-2002 17:47 545k This looks newer to me. Check MD5sum etc. Or wait it to be checked and appear in unstable. -- ~\^o^/~~~ ~\^.^/~~~ ~\^*^/~~~ ~\^_^/~~~ ~\^+^/~~~ ~\^:^/~~~ ~\^v^/~~~ +++++ Osamu Aoki @ Cupertino CA USA See "User's Guide": http://www.debian.org/doc/manuals/users-guide/ See "Debian reference": http://www.debian.org/doc/manuals/debian-reference/ "Debian reference" Project at: http://qref.sf.net I welcome your constructive criticisms and corrections. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
