Fedora Core 3 Update: httpd-2.0.53-3.3 - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

Is Mandatory Access Control Too Much Security For Enterprise's Linux?

	Yes, too difficult to configure and manage.
	No. You can never have enough security.
	Yes. Standard Linux security settings work for us.
	No. Industry demands will demand SELinux.
	Don't know.

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

Emily Ratliff: OS Security

DanWalsh LiveJournal

Security Bloggers Network

Latest Newsletters

Linux Advisory Watch: September 5th, 2008

Linux Security Week: September 1st, 2008

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

Fedora Core 3 Update: httpd-2.0.53-3.3

User Rating:

How can I rate this item?

Posted by Benjamin D. Thomas

This update includes two security fixes. An issue was discovered in mod_ssl where "SSLVerifyClientrequire" would not be honoured in location context if the virtual host had "SSLVerifyClient optional" configured (CAN-2005-2700).

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-848
2005-09-07
---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : httpd
Version     : 2.0.53                      
Release     : 3.3                  
Summary     : Apache HTTP Server
Description :
Apache is a powerful, full-featured, efficient, and freely-available
Web server. Apache is also the most popular Web server on the
Internet.

---------------------------------------------------------------------
Update Information:

This update includes two security fixes.  An issue was
discovered in mod_ssl where "SSLVerifyClient require" would
not be honoured in location context if the virtual host had
"SSLVerifyClient optional" configured (CAN-2005-2700).  An
issue was discovered in memory consumption of the byterange
filter for dynamic resources such as PHP or CGI script
(CAN-2005-2728).
---------------------------------------------------------------------
* Fri Sep  2 2005 Joe Orton  2.0.53-3.3
- mod_ssl: add security fix for SSLVerifyClient (#167196, CVE CAN-2005-2700)
- add security fix for byterange filter DoS (#167104, CVE CAN-2005-2728)


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

05dc67efda902897af31c7e62dcc66a2  SRPMS/httpd-2.0.53-3.3.src.rpm
67407cda524517254da65caff34d1030  x86_64/httpd-2.0.53-3.3.x86_64.rpm
2924ba7fd423ec96c77b0cd0aefe2a71  x86_64/httpd-devel-2.0.53-3.3.x86_64.rpm
f733310d4c8e6d444f185e055918d7cf  x86_64/httpd-manual-2.0.53-3.3.x86_64.rpm
c7ab61bc84334772e400d641959cd85e  x86_64/mod_ssl-2.0.53-3.3.x86_64.rpm
447aae779dc5640c1923925816c50985  x86_64/httpd-suexec-2.0.53-3.3.x86_64.rpm
43192fc61302fe1b52eb6719d05f0b45  x86_64/debug/httpd-debuginfo-2.0.53-3.3.x86_64.rpm
01f2bcf97e7759e17ac711009d433bfe  i386/httpd-2.0.53-3.3.i386.rpm
65e794a48057d6d3d80f887488b4c03a  i386/httpd-devel-2.0.53-3.3.i386.rpm
7f237c80786870bd9f9d300a67aa23fe  i386/httpd-manual-2.0.53-3.3.i386.rpm
57895adf47af7a01ddb5e79d3258a790  i386/mod_ssl-2.0.53-3.3.i386.rpm
fcaa78659c375778eb357e88bd367004  i386/httpd-suexec-2.0.53-3.3.i386.rpm
55a427b5a760daee39eb972c9ca03c4d  i386/debug/httpd-debuginfo-2.0.53-3.3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------

-- 
fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list

< Prev		Next >

Partner:

Latest Features

Review: Hacking Exposed Linux, Third Edition

Security Features of Firefox 3.0

Review: The Book of Wireless

April 2008 Open Source Tool of the Month: sudo

Open Source Tool of March: ZoneMinder

Meet the Anti-Nmap: PSAD

Open Source Tool of February: Nmap!

Yesterday's Edition

QuickLinks: Comunity , HOWTOs , Blogs , Features , Book Reviews , Networking ,
Security Projects , Latest News , Newsletters , SELinux , Privacy , Home,
Hardening , About Us, Advertise, Legal Notice, RSS, Guardian Digital