[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Apache 1.3.x security bug in woody? CAN-2003-0460 etc.

* Drew Scott Daniels (umdanie8@cc.UManitoba.CA) wrote :
> Woody's apache 1.3.x seems to be still vulnerable to bug 167752 [1]. Is
> this really the case? Fwiw, this *might* be one of the problems which was
> fixed upstream with 1.3.28 [2]. Have the other potential security bugs
> fixed in 1.3.28 been checked against apache in woody?
Woody's 1.3 is the reason that bug is there. Did you bother reading the bug
report? The problems were fixed in a stable security upload.
FWIW, these aren't the bugs that were fixed in 1.3.28; since they were
implemented in an extremely platform dependent way we're working on cleaning
them up in a cross platform friendly manner.

Reply to: