Security Advisory Updates for FC1
Mike McMullen
mlm at loanprocessing.net
Sat May 1 03:32:29 UTC 2004
Hi All,
I've received several updates notices for RH9 recently regarding security
vulnerabilities updates. In particular, mod_ssl issues in apache httpd:
----
Topic
Updated httpd packages are now available that fix a denial of service
vulnerability in mod_ssl and include various other bug fixes.
Description
The Apache HTTP server is a powerful, full-featured, efficient, and
freely-available Web server.
A memory leak in mod_ssl in the Apache HTTP Server prior to version 2.0.49
allows a remote denial of service attack against an SSL-enabled server. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2004-0113 to this issue.
Users of the Apache HTTP server should upgrade to these updated packages,
which contain backported patches that address these issues.
----
Since FC1 has httpd 2.0.48, how are security updates handled for Fedora?
I've tried up2date on my FC1 systems but they say they are up to date.
Any insight appreciated,
Mike
More information about the fedora-list
mailing list