Re: apache security issue (with upstream new release)
Hi,
>> >> Do you know about apache security issue?
>> >
>> >Yes. According to the Apache maintainers, woody does not require an update.
>>
>> Really? mod_alias is so much old(*), I think all of apache
>> would be effected by this vulnerability.
>
>Ask debian-apache@lists.debian.org.
I checked woody's apache source and I cannot find any patches
for mod_alias.c in apache-1.3.26/debian/patches directory.
So I guess debian's apache is effected by this vulnerability.
Do I misunderstand this? Does apache package in debian not
require security update?
please tell me. thanks.
--
Regards,
Hideki Yamane mailto:henrich @ iijmio-mail.jp
Reply to: