[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Apache worm that uses the chunk vulnerability - in the wild
- Subject: Re: [cobalt-security] Apache worm that uses the chunk vulnerability - in the wild
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
- Date: Sat, 29 Jun 2002 01:07:33 +0200
- Organization: SOLARSPEED.NET
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi Bruce,
> Actually, the RaQ3 patch is _supposed_ to upgrade Apache to 1.3.20... I
> haven't looked to see if that actually made it into the patch or not
> though.
Now that would be cool. The last time I looked at the unsupported RPM / SRPM
for the RaQ3 with the chunked encoding fixed which you guys had uploaded it
still showed Apache-1.3.6. However, the way you've got Apache-1.3.20 locked
down it would really make sense to go for 1.3.20 on the RaQ3.
--
Mit freundlichen Grüßen / With best regards
Michael Stauber
mstauber@xxxxxxxxxxxxxx
Unix/Linux Support Engineer