Fedora: httpd-2.0.51-2.9 update - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Security Week: February 6th, 2012

Linux Advisory Watch: February 3rd, 2012

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Fedora: httpd-2.0.51-2.9 update

User Rating:

How can I rate this item?

Posted by LinuxSecurity.com Team

This update includes the fixes for an issue in mod_ssl which could lead to a bypass of an SSLCipherSuite setting in directory or location context (CVE CAN-2004-0885), and a memory consumption denial of service issue in the handling of request header lines (CVE CAN-2004-0942).


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-420
2004-11-12
---------------------------------------------------------------------

Product     : Fedora Core 2
Name        : httpd
Version     : 2.0.51
Release     : 2.9
Summary     : Apache HTTP Server
Description :
Apache is a powerful, full-featured, efficient, and freely-available
Web server. Apache is also the most popular Web server on the
Internet.

---------------------------------------------------------------------

This update includes the fixes for an issue in mod_ssl which could
lead to a bypass of an SSLCipherSuite setting in directory or location
context (CVE CAN-2004-0885), and a memory consumption denial of
service issue in the handling of request header lines (CVE
CAN-2004-0942).

---------------------------------------------------------------------

* Thu Nov 11 2004 Joe Orton <jorton@redhat.com> 2.0.51-2.9

- add fix for memory consumption DoS, CAN-2004-0942
- mod_ssl: add fix for SSLCipherSuite bypass, CAN-2004-0885

---------------------------------------------------------------------
This update can be downloaded from:
   http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

b202b93fa33a117c576f49b0b6ea8cce  SRPMS/httpd-2.0.51-2.9.src.rpm
d44a26a035bef7f26249e1d0a7ae95b4  x86_64/httpd-2.0.51-2.9.x86_64.rpm
0920735cfe93100965958df44e6cca28  x86_64/httpd-devel-2.0.51-2.9.x86_64.rpm
50681f4ed4f3448fa1f8fd86ce41d749  x86_64/httpd-manual-2.0.51-2.9.x86_64.rpm
1b3230a8c205bdf96464d4ecc51bea40  x86_64/mod_ssl-2.0.51-2.9.x86_64.rpm
fae759a29d5ac1eacfb947ec4b447994  x86_64/debug/httpd-debuginfo-2.0.51-2.9.x86_64.rpm
d8e4ed9aafd639fdfab26e6fe3cd8c29  i386/httpd-2.0.51-2.9.i386.rpm
cd1ab7ce0fcc375de0d6db748babc753  i386/httpd-devel-2.0.51-2.9.i386.rpm
341a963e8ac8aba17c18eaebc7ac27c1  i386/httpd-manual-2.0.51-2.9.i386.rpm
f227c579f61c355c594f8e790695bcd8  i386/mod_ssl-2.0.51-2.9.i386.rpm
dc3be7afa997f09293b82caaae505f7b  i386/debug/httpd-debuginfo-2.0.51-2.9.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------