[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: apache security issue (with upstream new release)

 Hi,

>> >>  Do you know about apache security issue?
>> >
>> >Yes.  According to the Apache maintainers, woody does not require an update.
>> 
>>  Really? mod_alias is so much old(*), I think all of apache 
>>  would be effected by this vulnerability.
>
>Ask debian-apache@lists.debian.org.

 I checked woody's apache source and I cannot find any patches 
 for mod_alias.c in apache-1.3.26/debian/patches directory.
 So I guess debian's apache is effected by this vulnerability.
 
 Do I misunderstand this? Does apache package in debian not
 require security update?

 please tell me. thanks.

-- 
Regards,

 Hideki Yamane    mailto:henrich @ iijmio-mail.jp
Reply to: