Fedora alert FEDORA-2004-203 (httpd)
| From: | Joe Orton <jorton@redhat.com> | |
| To: | fedora-announce-list@redhat.com | |
| Subject: | [SECURITY] Fedora Core 1 Update: httpd-2.0.50-1.0 | |
| Date: | Mon, 19 Jul 2004 19:52:26 +0100 |
--------------------------------------------------------------------- Fedora Update Notification FEDORA-2004-203 2004-07-19 --------------------------------------------------------------------- Product : Fedora Core 1 Name : httpd Version : 2.0.50 Release : 1.0 Summary : Apache HTTP Server Description : Apache is a powerful, full-featured, efficient, and freely-available Web server. Apache is also the most popular Web server on the Internet. --------------------------------------------------------------------- Update Information: This update includes the latest stable release of Apache httpd 2.0, including security fixes for a remotely triggerable memory leak (CVE CAN-2004-0493), and a buffer overflow in mod_ssl which can be triggered only by a (trusted) client certificate with a long subject DN field (CVE CAN-2004-0488). --------------------------------------------------------------------- * Thu Jul 01 2004 Joe Orton <jorton@redhat.com> 2.0.50-1.0 - update to 2.0.50 (CVE CAN-2004-0488, CAN-2004-0493, #126864, #125047) - mod_autoindex: don't truncate output on stat() failure (#126930) --------------------------------------------------------------------- This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/ a5786025381c7ddf245157d815db77df SRPMS/httpd-2.0.50-1.0.src.rpm 72838969ae685149f394bd7aa22f1d1e x86_64/httpd-2.0.50-1.0.x86_64.rpm e8f54a359eb76fd784a76ab046f6a816 x86_64/httpd-devel-2.0.50-1.0.x86_64.rpm ec851a779096d42208066a1284032f60 x86_64/httpd-manual-2.0.50-1.0.x86_64.rpm 542234c3e5c4d32b1f6bb5d511512f33 x86_64/mod_ssl-2.0.50-1.0.x86_64.rpm e89824f441e4b12f1f21113665f8d334 x86_64/debug/httpd-debuginfo-2.0.50-1.0.x86_64.rpm 4ab7626097cc2715e39f153e151de084 i386/httpd-2.0.50-1.0.i386.rpm 57bb0c618a201a11f71fbd8f7421d445 i386/httpd-devel-2.0.50-1.0.i386.rpm 3e80b67e35b974659b38791838f7182e i386/httpd-manual-2.0.50-1.0.i386.rpm 3c51c55cde33e0976ca30451342a6354 i386/mod_ssl-2.0.50-1.0.i386.rpm 82de5f02ed600ba4a489c0f96bb15d4d i386/debug/httpd-debuginfo-2.0.50-1.0.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command. --------------------------------------------------------------------- -- fedora-announce-list mailing list fedora-announce-list@redhat.com http://www.redhat.com/mailman/listinfo/fedora-announce-list
(Log in to post comments)