Debian Apache Security Update

From: Johnie Ingram (johnieat_private)
Date: Fri Aug 07 1998 - 21:53:00 PDT

Next message: John D. Hardin: "Re: Eudora executes (Java) URL"

Previous message: Jim Hebert: "Re: A way to prevent buffer overflow exploits? (was: "Any user can"
Next in thread: Dag-Erling Coidan Smørgrav: "Re: Debian Apache Security Update"
Reply: Dag-Erling Coidan Smørgrav: "Re: Debian Apache Security Update"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----


A security problem has been found in apache.  It allows users to crash
the webserver from a remote system, and should be fixed as soon as
possible.

Debian 2.0 and "slink"
- ----------------------

i386:
wget http://ftp1.us.debian.org/debian/security/apache_1.3.1-3_i386.deb
wget http://ftp1.us.debian.org/debian/security/apache-common_1.3.1-3_i386.deb
dpkg -B --install apache_1.3.1-3_i386.deb apache-common_1.3.1-3_i386.deb

alpha:
wget http://ftp1.us.debian.org/debian/security/apache_1.3.1-3_alpha.deb
wget http://ftp1.us.debian.org/debian/security/apache-common_1.3.1-3_alpha.deb
dpkg -B --install apache_1.3.1-3_alpha.deb apache-common_1.3.1-3_alpha.deb

SPARC:
wget http://ftp1.us.debian.org/debian/security/apache-common_1.3.1-3_sparc.deb
wget http://ftp1.us.debian.org/debian/security/apache_1.3.1-3_sparc.deb
dpkg -B --install apache_1.3.1-3_sparc.deb apache-common_1.3.1-3_sparc.deb

automatic upgrades:
Our tier 1 mirrors already have the additional files needed for an automatic
dselect or apt upgrade:
     * http://www.uk.debian.org/debian/ (Europe)
     * http://debian.midco.net/debian/ (South Dakota)
     * http://llug.sep.bnl.gov/debian/ (New York)
     * http://ftp1.us.debian.org/debian/ (Michigan)

NOTE: This will break the libapache-mod-perl and php3 packages
released with Debian 2.0.  A mod_perl DSO suitable for Apache 1.3.1 is
on all mirror sites in the "slink" distribution.

Thanks to Dag-Erling Smørgrav for finding this bug, and Ben Laurie for
fixing it.


d4dfe92f16137d8763581baa8669e518  apache-common_1.3.1-3_alpha.deb
f29124cbfbc283d50074184274a5e831  apache-common_1.3.1-3_i386.deb
22a48cab0455aba52fc25d0202844de8  apache-common_1.3.1-3_sparc.deb
e8361b3ce0da4653c009ecdc950e3ff6  apache-dev_1.3.1-3_all.deb
7be5af08b716366c9d0701b4e3c31fa8  apache-doc_1.3.1-3_all.deb
07f0d80e6811cfeb5b266a5f03c634ec  apache_1.3.1-3_alpha.deb
105f07e5e4a8d4e059bcf8e06a1aa1ef  apache_1.3.1-3_i386.deb
9244e8de9ade54f32ee35b4b5a38776b  apache_1.3.1-3_sparc.deb


- ---------------------  PGP  E4 70 6E 59 80 6A F5 78  63 32 BC FB 7A 08 53 4C

   __ _    Debian GNU         Johnie Ingram <johnieat_private>      mm   mm
  / /(_)_ __  _   ___  __        "netgod"     irc.debian.org          mm mm
 / / | | '_ \| | | \ \/ /                                             m m m
/ /__| | | | | |_| |>  <      Yes, I'm Linus, and I am your God.     mm   mm
\____/_|_| |_|\__,_/_/\_\       -- Linus, keynote address, Expo 98   GO BLUE


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: latin1

iQCVAwUBNcvZhhCswmGWXGp9AQHfWAQAjz87EI9iWE48yn08cwleNIEA3gLiFjOo
lhP+1L+15eJ+oJQbcgTcnvA4W7iDhEU5LnCxoPSRFanX+4RZK9wG60JlhopLINRT
lxP7vkj8KJTxPLKJGh4PST7Stz2xmbf3AB5VNBApU8JLbzwFFyWz9G+JITTO9/b4
7+0UY4aB3QA=
=c2yu
-----END PGP SIGNATURE-----

Next message: John D. Hardin: "Re: Eudora executes (Java) URL"
Previous message: Jim Hebert: "Re: A way to prevent buffer overflow exploits? (was: "Any user can"
Next in thread: Dag-Erling Coidan Smørgrav: "Re: Debian Apache Security Update"
Reply: Dag-Erling Coidan Smørgrav: "Re: Debian Apache Security Update"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:11:52 PDT