[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#150574: apache: SECUIRITY Apache 1.3.24-3 (Testing) contains chunk encoding buffer overflow



On Thu 20 Jun 2002 21:32, Matthew Wilcox wrote:
> On Thu, Jun 20, 2002 at 08:51:13PM +0200, Tobias Burnus wrote:
> > Debian has provides a security patch for Potato but not for
> > Woody/Sid. See http://www.debian.org/security/2002/dsa-131
>
> Debian does not provide security updates for testing or for unstable.
> apache 1.3.26-1 went into sid today.  packages for woody have
> been uploaded into the new testing-security system.  since i
> have no idea how long that's going to take to be visible to users,
> http://satie.debian.org/~willy/ provides packages for those who have
> foolishly upgraded to a distribution which does not yet provide
> security releases.

>From my last (6-22-2002) cron.daily report:

  /etc/cron.daily/apt:
  Reading Package Lists...
  Building Dependency Tree...
[...]
  Need to get 2188kB/16.6MB of archives. After unpacking 816kB will be used.
  Get:1 ftp://security.debian.org woody/updates/main apache 1.3.26-0woody1 [353kB]
  Get:2 ftp://security.debian.org woody/updates/main apache-common 1.3.26-0woody1 [813kB]
  Get:3 ftp://security.debian.org woody/updates/main apache-doc 1.3.26-0woody1 [1022kB]
  Fetched 2188kB in 1m23s (26.2kB/s)
  Download complete and in download only mode

So debian provide security updates for woody, it's not?

> I'm going to cc debian-devel & debian-user with this so that
> hopefully more people get to see this and STOP FILING BUGS ABOUT
> THIS.  I have already noticed there's a security problem, believe it
> or not.


-- 
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org



Reply to: