On 04/ 2/10 07:17 AM, Mark Phalan wrote:
On 04/ 2/10 02:07 PM, Ken Mays wrote:
Mark, Thanks for that update. I filed a separate bug for the update
to Apache 2.2.15 which is also affected - since IPS 134 has Apache
2.2.14 and I didn't see the update in SFW yet. This affects the
current Oracle Sun Web Stack as well (currently Apache 2.2.14).
Ok. Don't be surprised if its closed as a dup of an existing CR. I
imagine the Apache team (like the OpenSSL team) tracks sec
vulnerabilities in upstream code very closely.
They do. It will be a dup of 6937352, 6936032, and 6935576, which
integrated into SFW this morning. It will be fixed in build 138.
-Norm
_______________________________________________
indiana-discuss mailing list
[email protected]
http://mail.opensolaris.org/mailman/listinfo/indiana-discuss
