On 8/27/10, Jarry <mr.ja...@gmail.com> wrote: > On 27. 8. 2010 19:23, Kyle Bader wrote: > >> I noticed you have mod_dav& mod_cache and are running 2.2.15, perhaps >> it's this? >> >> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1452 > > You may be right! But what can I do? There is not even masked > version 2.2.16 in portage, despite the fact it has been released > by apache-foundation on 2010-07-25 (together with description > of vulnerability found in 2.2.15). There has already been bug > opened in gentoo-bugzila on 2010-07-28... > > BTW in the meantime my apache crashed again the same way, after > not a single day uptime! Something I have never seen before, > actually my apache has been running without any problem since > the last update. And now this! Quite unpleasant, for such > a critical server-software...
>From apache.org: "This crash would only be a denial of service if using the worker MPM." Can you try with another MPM? Btw, AFAICT, Gentoo apache herd is currently down to one (or fewer) dev(s). :-/ -- Arttu V. -- Running Gentoo is like running with scissors
