Re: apache security issue (with upstream new release)
>> >> Do you know about apache security issue?
>> >Yes. According to the Apache maintainers, woody does not require an update.
>> Really? mod_alias is so much old(*), I think all of apache
>> would be effected by this vulnerability.
I checked woody's apache source and I cannot find any patches
for mod_alias.c in apache-1.3.26/debian/patches directory.
So I guess debian's apache is effected by this vulnerability.
Do I misunderstand this? Does apache package in debian not
require security update?
please tell me. thanks.
Hideki Yamane mailto:henrich @ iijmio-mail.jp