LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: April 7th, 2014
Linux Advisory Watch: April 4th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Fedora Core 4 Update: httpd-2.0.54-10.2 Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Fedora This update includes two security fixes. An issue was discovered in mod_ssl where "SSLVerifyClient require" would not be honoured in location context if the virtual host had "SSLVerifyClient optional" configured (CAN-2005-2700).
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-849
2005-09-07
---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : httpd
Version     : 2.0.54                      
Release     : 10.2                  
Summary     : Apache HTTP Server
Description :
The Apache HTTP Server is a powerful, full-featured, efficient, and
freely-available Web server. The Apache HTTP Server is also the
most popular Web server on the Internet.

---------------------------------------------------------------------
Update Information:

This update includes two security fixes. An issue was
discovered in mod_ssl where "SSLVerifyClient require" would
not be honoured in location context if the virtual host had
"SSLVerifyClient optional" configured (CAN-2005-2700). An
issue was discovered in memory consumption of the byterange
filter for dynamic resources such as PHP or CGI script
(CAN-2005-2728).
---------------------------------------------------------------------
* Fri Sep  2 2005 Joe Orton  2.0.54-10.2
- mod_ssl: add security fix for SSLVerifyClient (#167196, CVE CAN-2005-2700)
- add security fix for byterange filter DoS (#167104, CVE CAN-2005-2728)
- add fix for dummy connection handling (#167425)
- mod_ldap/mod_auth_ldap: add fixes from 2.0.x branch (upstream #34209 etc)
- mod_ssl: add fix for handling non-blocking reads


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

de712a893989b4a89a96f3239ffe9359  SRPMS/httpd-2.0.54-10.2.src.rpm
f5c47d9a1fd604a9c9f27cb52b687134  ppc/httpd-2.0.54-10.2.ppc.rpm
3fe32aacb961746f97cb239580645542  ppc/httpd-devel-2.0.54-10.2.ppc.rpm
0231bd287c86eee34823bd5de7309840  ppc/httpd-manual-2.0.54-10.2.ppc.rpm
89fc732f2caae3ec8c4fca897a57f28c  ppc/mod_ssl-2.0.54-10.2.ppc.rpm
9185b402e4ebf58c362557d08f1e1e56  ppc/debug/httpd-debuginfo-2.0.54-10.2.ppc.rpm
5597e26e50c206b6292fb6a481264074  x86_64/httpd-2.0.54-10.2.x86_64.rpm
e0cdb0d7c15b7882e7f446e120e8f20e  x86_64/httpd-devel-2.0.54-10.2.x86_64.rpm
26dcb24b83a0528202dfe6ca343a3909  x86_64/httpd-manual-2.0.54-10.2.x86_64.rpm
5c01b4d973491f2be019bfb526199142  x86_64/mod_ssl-2.0.54-10.2.x86_64.rpm
4284f8fe2b0c85c36a87c8cd0c05f1a4  x86_64/debug/httpd-debuginfo-2.0.54-10.2.x86_64.rpm
8e1b97f27ce4a41eb7eb01c15d8eab81  i386/httpd-2.0.54-10.2.i386.rpm
9e32079613629b690beb02e91120998b  i386/httpd-devel-2.0.54-10.2.i386.rpm
04bad4ac9e45412e658d82d7af66fafc  i386/httpd-manual-2.0.54-10.2.i386.rpm
cbe81b8781314a53962ac1b84ebc7349  i386/mod_ssl-2.0.54-10.2.i386.rpm
7b0f8b83a6f021702135942aa6159a98  i386/debug/httpd-debuginfo-2.0.54-10.2.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------

-- 
fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
'Snowden effect' has changed cloud data security assumption, survey claims
Galaxy S5 fingerprint scanner hacked with glue mould
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.