On Thu, Jun 20, 2002 at 01:29:04PM +1000, John wrote:
| There's now an exploit in the wild for Apache (the chunked whatever
| bug). The DSA mentions an update which is version 1.3.9-14.1
|
| We need a version > 1.2.12, and are running 1.3.23 from woody. Is there
| any idea where a patched 1.3.23 for woody might be? Or should I install
| from source from apache.org?
Woody currently has 1.3.24-3 (as does sid). (at least, according to
the mirror I use)
Nonetheless, the DSA says it affects 64-bit architectures. It sounds
like if you're not using a 64-bit system (eg SPARC or ia64) then you
aren't vulnerable.
<quote>
... might allow arbitrary code execution on 64 bit architectures.
</quote>
-D
--
A violent man entices his neighbor
and leads him down a path that is not good.
Proverbs 16:29
http://dman.ddts.net/~dman/
Attachment:
pgpCW42aAsqtz.pgp
Description: PGP signature