Round-up, 2004-11-28

Mark Scott mark.scott at csuk-solutions.net
Mon Nov 29 09:34:00 UTC 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Pekka Savola wrote:
| On Sun, 28 Nov 2004, Dominic Hargreaves wrote:
|
|> httpd - http://bugzilla.fedora.us/show_bug.cgi?id=2148
|> Needs VERIFY [rh73]
|
|
| This has been superceded.  There's a new bug out there allowing local
| code execution through SSI parsing, and I guess this update should
| include that as well...
|

Is there some kind of policy on when an update gets merged in with another?
If this continues to happen it can *really* delay the previous fixes. Bug
2148 has been open since 11th October, which means there has been nearly 2
months with webservers running an insecure httpd.

- --
Mark Scott
CSUK Solutions Technical Team
Tel: +44 (0)845 6444 185
Email: mark.scott at csuk-solutions.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFBqu0Bl2I0fYrP+68RAr/cAJ9GJTMRAgYEhtshyEKUwDsLZr02sACgjN52
gSfMxxw4FQL+XDPbd9ythTo=
=ky/5
-----END PGP SIGNATURE-----




More information about the fedora-legacy-list mailing list