Re: apache security issue (with upstream new release)

To: Matt Zimmerman <mdz@debian.org>
Cc: debian-security@lists.debian.org
Subject: Re: apache security issue (with upstream new release)
From: Hideki Yamane <henrich@iijmio-mail.jp>
Date: Thu, 30 Oct 2003 17:03:36 +0900
Message-id: <[🔎] 200310300804.h9U84ma21199@mms-r00.iijmio.jp>
In-reply-to: <[🔎] 20031030060940.GA6350@dijkstra.csh.rit.edu>
References: <[🔎] 200310291513.h9TFDcB23039@mms-r00.iijmio.jp> <[🔎] 20031030060940.GA6350@dijkstra.csh.rit.edu>

 thanks to your reply.

>>  Do you know about apache security issue?
>
>Yes.  According to the Apache maintainers, woody does not require an update.

 Really? mod_alias is so much old(*), I think all of apache 
 would be effected by this vulnerability.
 
 * Revision: 1.17, Tue Jul 8 03:45:28 1997 UTC (6 years, 3 months ago) by akosut
   http://cvs.apache.org/viewcvs.cgi/apache-1.3/src/modules/standard/mod_alias.c?rev=1.17&content-type=text/vnd.viewcvs-markup

 Have woody's apache patched to mod_alias anything ?
 if so, why upstream left it?

-- 
Regards,

 Hideki Yamane    mailto:henrich @ iijmio-mail.jp

Reply to:

Follow-Ups:
- Re: apache security issue (with upstream new release)
  - From: Matt Zimmerman <mdz@debian.org>

References:
- apache security issue (with upstream new release)
  - From: Hideki Yamane <henrich@iijmio-mail.jp>
- Re: apache security issue (with upstream new release)
  - From: Matt Zimmerman <mdz@debian.org>

Prev by Date: Re: Transparent bridge firewall with bridge-nf
Next by Date: Another call for help regarding chkrootkit
Previous by thread: Re: apache security issue (with upstream new release)
Next by thread: Re: apache security issue (with upstream new release)
Index(es):
- Date
- Thread