Re: Recent minor vulnerabilities in Apache: status in woody?
-----BEGIN PGP SIGNED MESSAGE-----
Kevin B. McCarty wrote:
| Hi all,
| Can anyone tell me the status of the woody Apache 1 packages with respect
| to the following security advisories:
| CAN-2003-0993 CAN-2003-0020 CAN-2003-0987 CAN-2004-0174
| (There is also CAN-2004-0113 but that only appears relevant to Apache 2?)
You should check the website www.d-o/security/nonvulns-woody
At least 4 of the 5 you mention are listed there...
| These are apparently all fixed in Apache 1.3.31, now available in
| But the woody Apache packages appear to date back to the end of 2002.
| there any plans to backport the fixes?
For the ones on nonvulns-woody there are no fixes necessary of course
(see the webpage for more details).
CAN-2003-0987 isn't listed in any DSA or nonvulns-woody (yet)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
-----END PGP SIGNATURE-----