A denial-of-service attack against the Apache web server has been found which
lets remote sites disable your web server. This attack does not let remote
users gain any sort of access to your computer, nor does it let local users
gain any special access.
Red Hat recommends upgrading apache on systems which are functioning as
Internet servers. After installing the new apache package, be sure to
restart the apache server as follows:
/etc/rc.d/init.d/httpd stop
/etc/rc.d/init.d/httpd start
A fix for the Red Hat Secure Server will be available later this week.
Red Hat 5.0 and 5.1
- -------------------
i386:
rpm -Uvh ftp://ftp.redhat.com/updates/5.1/i386/apache-1.2.6-5.i386.rpm
alpha:
rpm -Uvh ftp://ftp.redhat.com/updates/5.1/alpha/apache-1.2.6-5.alpha.rpm
SPARC:
rpm -Uvh ftp://ftp.redhat.com/updates/5.1/sparc/apache-1.2.6-5.sparc.rpm
Red Hat 4.2
- -------------
i386:
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/apache-1.2.5-0.1.i386.rpm
alpha:
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/alpha/apache-1.2.5-0.1.alpha.rpm
SPARC:
rpm -Uvh ftp://ftp.redhat.com/updates/4.2/sparc/apache-1.2.5-0.1.sparc.rpm
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:11:56 PDT