1. Topic:
A bugfix release of Secure Web Server 3.1 is now available.
2. Problem description:
This release is being made to address two problems:
- missing testcert target in the certificate Makefile
- random intermittent segfaults of the server when SSL pages
were accessed by some versions of Netscape and IE.
In addition, there were other problems in Secure Web Server 3.1
similar to those in the regular Apache packages provided with Red
Hat Linux 6.1.
All of the above problems have been corrected.
3. Bug IDs fixed (see bugzilla for more information):
6920 - Secureweb3.1-1 cannot make testcert
7910 - exit signal Segmentation fault (11) [httpsd Seg Faulting]
4. Relevant releases/architectures:
Red Hat Secure Web Server 3.1 - i386
5. Obsoleted by:
None
6. Conflicts with:
None
7. RPMs required:
Intel:
ftp://updates.redhat.com/securewb/3.1/i386/
secureweb-3.1-2.i386.rpm.rhmask
secureweb-devel-3.1-2.i386.rpm
secureweb-manual-3.1-2.i386.rpm
Source:
ftp://updates.redhat.com/secureweb/3.1/SRPMS
secureweb-3.1-2.nosrc.rpm
8. Solution:
Some of these files are distributed in rhmask format, and may
only be used by individuals who have purchased Red Hat Linux 6.1
Professional.
To produce installable RPM files from the rhmask files, retrieve
the rhmask files via ftp and type the following:
rhmask secureweb-3.1-1.i386.rpm secureweb-3.1-2.i386.rpm.rhmask
The original RPM is located only on your Secure Web Server CD,
and cannot be obtained via the Internet. Note: if you do not have
the original RPM located in the same directory as the rhmask
file, you will need to prefix the name of the RPM with the full
path name to its location (i.e. on your installation CD).
For each RPM for your particular architecture, run:
rpm -Fvh [filename]
where filename is the name of the RPM.
To restart your Secure Web Server, type the following:
/etc/rc.d/init.d/httpsd restart
9. Verification:
MD5 sum Package Name
-------------------------------------------------------------------------
26eb420e5d53c768c1f97a23ba764ebe 3.1/SRPMS/secureweb-3.1-2.nosrc.rpm
73344aaef8abe4166770fcaf893df6a4 3.1/i386/secureweb-manual-3.1-2.i386.rpm
736c861c7092460debcc0b4726cbeac6 3.1/i386/secureweb-3.1-2.i386.rpm.rhmask
13eed124a660b669aa730e41e2cbead3 3.1/i386/secureweb-devel-3.1-2.i386.rpm
These packages are GPG signed by Red Hat, Inc. for security. Our key
is available at:
http://www.redhat.com/about/contact.html
You can verify each package with the following command:
rpm --checksig filename
If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
rpm --checksig --nogpg filename
Note that you need RPM >= 3.0 to check GnuPG keys.
10. References: