AW: DSA 131: Apache Vulnerability

To: "Arthur H. Johnson II" <arthur@usol.com>
Cc: <debian-testing@lists.debian.org>, <debian-security@lists.debian.org>
Subject: AW: DSA 131: Apache Vulnerability
From: "Marcel Weber" <mmweber@ncpro.com>
Date: Fri, 21 Jun 2002 10:32:05 +0300
Message-id: <[🔎] ABEKLOAPHGEAANDBAIFFOEHNCHAA.mmweber@ncpro.com>
In-reply-to: <[🔎] Pine.LNX.4.44.0206201946370.11808-100000@cygnus.hemisphere>

Hi

Good you mentioned it. All my boxes are behind firewalls. For the building
from source, yes I know, it's a good idea to do this. The point is, I'm
doing this on systems that are only maintained by myself, one system is even
a linux box running a very own distribution, all built from source. But
there are some systems that are running in companies where I'm rather having
a job as a consultant and specialist. So the setup should be easy and
maintainable for the local administrators (They're all new to linux and
freightened by the command line ;-)

Have a nice day!

Marcel

PS: I put the 1.3.26 packages on my woody boxes. It's running perfectly even
with some self built modules (tomcat 4.0.1, etc.). There is just a
dependency conflict in dselect with libapache-mod-perl, that instists that
apache-commmon should be <<1.3.25. However, even libapache-mod-perl is
running smoothly with 1.3.26.

--------------------

PGP / GPG Key:    http://www.ncpro.com/GPG/mmweber-at-ncpro-com.asc

> -----Ursprungliche Nachricht-----
> Von: Arthur H. Johnson II [mailto:arthur@cygnus.daemonware.ch]Im Auftrag
> von Arthur H. Johnson II
> Gesendet: Freitag, 21. Juni 2002 02:49
> An: Marcel Weber
> Cc: debian-testing@lists.debian.org; debian-security@lists.debian.org
> Betreff: Re: DSA 131: Apache Vulnerability
>
>
>
> I have two relative policies:
>
> 1. Always use a firewall to filter out everything but what is absolutely
> necessary, ie web, email, etc.
>
> 2. Always build stuff filtered to the internet from source that way when a
> vulnerability is released, you can update it rather quickly, no matter
> what the distro you are running is.
>
>
>
> --
> Arthur H. Johnson II, Debian GNU/Linux Advocate
> Catechist, St John Catholic Church, Davison MI USA
> President, Genesee County Linux Users Group
>
> IRC:  By-Tor@irc.debian.org,#debian
> YIM:  arthurjohnson
> AIM:  bytor4232
> ICQ:  31770438
>
> On Thu, 20 Jun 2002, Marcel Weber wrote:
>
> > Hi there
> >
> > I got a little question, a bit silly perhaps. When will there be any
> > packages of Apache 1.3.26 or a backported patch for 1.3.24 for
> woody? Will
> > it be in the next time or would it make sense to upgrade by hand, say by
> > compiling one's own binaries. Well yes I know, that there is
> some testing
> > going on of the new security infrastructure for woody, etc. But
> shame on me,
> > I have some woody systems running in a productive environment...
> >
> > Marcel
> >
> >
> >
>
>
> --
> To UNSUBSCRIBE, email to debian-testing-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
>
>
>

-- 
To UNSUBSCRIBE, email to debian-testing-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- Re: DSA 131: Apache Vulnerability
  - From: "Arthur H. Johnson II" <arthur@usol.com>

Prev by Date: Re: DSA 131: Apache Vulnerability
Next by Date: About GNOME Setting and XMMS Sound
Previous by thread: Re: DSA 131: Apache Vulnerability
Next by thread: About GNOME Setting and XMMS Sound
Index(es):
- Date
- Thread