Re: Recent minor vulnerabilities in Apache: status in woody?
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Kevin B. McCarty wrote:
| Hi all,
|
| Can anyone tell me the status of the woody Apache 1 packages with respect
| to the following security advisories:
|
| CAN-2003-0993 CAN-2003-0020 CAN-2003-0987 CAN-2004-0174
|
| (There is also CAN-2004-0113 but that only appears relevant to Apache 2?)
You should check the website www.d-o/security/nonvulns-woody
At least 4 of the 5 you mention are listed there...
| These are apparently all fixed in Apache 1.3.31, now available in
unstable.
| But the woody Apache packages appear to date back to the end of 2002.
Are
| there any plans to backport the fixes?
For the ones on nonvulns-woody there are no fixes necessary of course
(see the webpage for more details).
CAN-2003-0987 isn't listed in any DSA or nonvulns-woody (yet)
Cheers
Luk
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFAtigN5UTeB5t8Mo0RAjraAJ0ekwdLCcALKg9uSCUt4aQE6ALZJgCgy/pX
Nkx0UUr81aD++srQ1f+GUWw=
=kAao
-----END PGP SIGNATURE-----
Reply to: