On Wed, Nov 13, 2002 at 04:33:30PM +0100, Martin Schulze remarked: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > - -------------------------------------------------------------------------- > Debian Security Advisory DSA 195-1 security@debian.org > http://www.debian.org/security/ Martin Schulze > November 13th, 2002 http://www.debian.org/security/faq > - -------------------------------------------------------------------------- > > Package : apache-perl > Vulnerability : several > Problem-Type : remote, local > Debian-specific: no > CVE Id : CAN-2002-0839 CAN-2002-0840 CAN-2002-0843 CAN-2001-0131 CAN-2002-1233 > BugTraq ID : 5847 5884 5887 [snip] > These problems have been fixed in version 1.3.26-1-1.26-0woody2 for > the current stable distribution (woody), in > 1.3.9-14.1-1.21.20000309-1.1 for the old stable distribution (potato) > and in version 1.3.26-1.1-1.27-3-1 for the unstable distribution > (sid). > > We recommend that you upgrade your Apache-Perl package immediately. [snip] Respectfully, does anyone know when Sid will receive patches for the previous Apache vulnerabilities that were fixed for Potato and Woody, but not Sid? It's been days... Raymond
Attachment:
pgpsu_CG40eM3.pgp
Description: PGP signature