Re: PATCH: apache 1.3.24 chunk size thingy - cert_vucert944335_1.3.24

To: "Matthew Grant" <grantma@anathoth.gen.nz>, "Florian Weimer" <Weimer@CERT.Uni-Stuttgart.DE>
Cc: "Matthew Wilcox" <willy@debian.org>, "Steve Langasek" <vorlon@debian.org>, <debian-security@lists.debian.org>
Subject: Re: PATCH: apache 1.3.24 chunk size thingy - cert_vucert944335_1.3.24
From: "SDiZ $UHome$" <sdiz@uhome.net>
Date: Thu, 20 Jun 2002 23:06:36 +0800
Message-id: <[🔎] 011a01c2186c$13189d30$0300a8c0@station3>
References: <[🔎] 1024560906.27884.12.camel@zion> <[🔎] 87r8j2cdwd.fsf@CERT.Uni-Stuttgart.DE>

> The German publish Heise claims that this patch does not fix the
> vulnerability, see: 
> 
> http://www.heise.de/newsticker/data/pab-20.06.02-000/
> 
> But I hope this is an editorial error. :-/
> 

Do you means the one-line patch from ISS ?
That patch don't work. 

The one in apache offical 1.3.26 works.


-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

Follow-Ups:
- Re: PATCH: apache 1.3.24 chunk size thingy - cert_vucert944335_1.3.24
  - From: Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>

References:
- PATCH: apache 1.3.24 chunk size thingy - cert_vucert944335_1.3.24
  - From: Matthew Grant <grantma@anathoth.gen.nz>
- Re: PATCH: apache 1.3.24 chunk size thingy - cert_vucert944335_1.3.24
  - From: Florian Weimer <Weimer@CERT.Uni-Stuttgart.DE>

Prev by Date: Re: [translation] NIS and propagation of groups
Next by Date: DSA 131: Apache Vulnerability
Previous by thread: Re: PATCH: apache 1.3.24 chunk size thingy - cert_vucert944335_1.3.24
Next by thread: Re: PATCH: apache 1.3.24 chunk size thingy - cert_vucert944335_1.3.24
Index(es):
- Date
- Thread