[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Round-up, 2004-11-28

From: Mark Scott <mark scott csuk-solutions net>
To: Discussion of the Fedora Legacy Project <fedora-legacy-list redhat com>
Subject: Re: Round-up, 2004-11-28
Date: Mon, 29 Nov 2004 09:34:00 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Pekka Savola wrote:
| On Sun, 28 Nov 2004, Dominic Hargreaves wrote:
|
|> httpd - http://bugzilla.fedora.us/show_bug.cgi?id=2148
|> Needs VERIFY [rh73]
|
|
| This has been superceded.  There's a new bug out there allowing local
| code execution through SSI parsing, and I guess this update should
| include that as well...
|

Is there some kind of policy on when an update gets merged in with another?
If this continues to happen it can *really* delay the previous fixes. Bug
2148 has been open since 11th October, which means there has been nearly 2
months with webservers running an insecure httpd.

- --
Mark Scott
CSUK Solutions Technical Team
Tel: +44 (0)845 6444 185
Email: mark scott csuk-solutions net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFBqu0Bl2I0fYrP+68RAr/cAJ9GJTMRAgYEhtshyEKUwDsLZr02sACgjN52
gSfMxxw4FQL+XDPbd9ythTo=
=ky/5
-----END PGP SIGNATURE-----

Follow-Ups:
- Re: Round-up, 2004-11-28
  - From: Marc Deslauriers

References:
- Round-up, 2004-11-28
  - From: Dominic Hargreaves
- Re: Round-up, 2004-11-28
  - From: Pekka Savola

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]