LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: September 8th, 2014
Linux Advisory Watch: September 5th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Fedora Core 3 Update: httpd-2.0.53-3.3 Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Fedora This update includes two security fixes. An issue was discovered in mod_ssl where "SSLVerifyClientrequire" would not be honoured in location context if the virtual host had "SSLVerifyClient optional" configured (CAN-2005-2700).
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-848
2005-09-07
---------------------------------------------------------------------

Product     : Fedora Core 3
Name        : httpd
Version     : 2.0.53                      
Release     : 3.3                  
Summary     : Apache HTTP Server
Description :
Apache is a powerful, full-featured, efficient, and freely-available
Web server. Apache is also the most popular Web server on the
Internet.

---------------------------------------------------------------------
Update Information:

This update includes two security fixes.  An issue was
discovered in mod_ssl where "SSLVerifyClient require" would
not be honoured in location context if the virtual host had
"SSLVerifyClient optional" configured (CAN-2005-2700).  An
issue was discovered in memory consumption of the byterange
filter for dynamic resources such as PHP or CGI script
(CAN-2005-2728).
---------------------------------------------------------------------
* Fri Sep  2 2005 Joe Orton  2.0.53-3.3
- mod_ssl: add security fix for SSLVerifyClient (#167196, CVE CAN-2005-2700)
- add security fix for byterange filter DoS (#167104, CVE CAN-2005-2728)


---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

05dc67efda902897af31c7e62dcc66a2  SRPMS/httpd-2.0.53-3.3.src.rpm
67407cda524517254da65caff34d1030  x86_64/httpd-2.0.53-3.3.x86_64.rpm
2924ba7fd423ec96c77b0cd0aefe2a71  x86_64/httpd-devel-2.0.53-3.3.x86_64.rpm
f733310d4c8e6d444f185e055918d7cf  x86_64/httpd-manual-2.0.53-3.3.x86_64.rpm
c7ab61bc84334772e400d641959cd85e  x86_64/mod_ssl-2.0.53-3.3.x86_64.rpm
447aae779dc5640c1923925816c50985  x86_64/httpd-suexec-2.0.53-3.3.x86_64.rpm
43192fc61302fe1b52eb6719d05f0b45  x86_64/debug/httpd-debuginfo-2.0.53-3.3.x86_64.rpm
01f2bcf97e7759e17ac711009d433bfe  i386/httpd-2.0.53-3.3.i386.rpm
65e794a48057d6d3d80f887488b4c03a  i386/httpd-devel-2.0.53-3.3.i386.rpm
7f237c80786870bd9f9d300a67aa23fe  i386/httpd-manual-2.0.53-3.3.i386.rpm
57895adf47af7a01ddb5e79d3258a790  i386/mod_ssl-2.0.53-3.3.i386.rpm
fcaa78659c375778eb357e88bd367004  i386/httpd-suexec-2.0.53-3.3.i386.rpm
55a427b5a760daee39eb972c9ca03c4d  i386/debug/httpd-debuginfo-2.0.53-3.3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------

-- 
fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
Apache Warns of Tomcat Remote Code Execution Vulnerability
Cloud security: We're asking the wrong questions
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.