A denial-of-service attack against the Apache web server has been found which lets remote sites disable your web server. This attack does not let remote users gain any sort of access to your computer, nor does it let local users gain any special access. Red Hat recommends upgrading apache on systems which are functioning as Internet servers. After installing the new apache package, be sure to restart the apache server as follows: /etc/rc.d/init.d/httpd stop /etc/rc.d/init.d/httpd start A fix for the Red Hat Secure Server will be available later this week. Red Hat 5.0 and 5.1 - ------------------- i386: rpm -Uvh ftp://ftp.redhat.com/updates/5.1/i386/apache-1.2.6-5.i386.rpm alpha: rpm -Uvh ftp://ftp.redhat.com/updates/5.1/alpha/apache-1.2.6-5.alpha.rpm SPARC: rpm -Uvh ftp://ftp.redhat.com/updates/5.1/sparc/apache-1.2.6-5.sparc.rpm Red Hat 4.2 - ------------- i386: rpm -Uvh ftp://ftp.redhat.com/updates/4.2/i386/apache-1.2.5-0.1.i386.rpm alpha: rpm -Uvh ftp://ftp.redhat.com/updates/4.2/alpha/apache-1.2.5-0.1.alpha.rpm SPARC: rpm -Uvh ftp://ftp.redhat.com/updates/4.2/sparc/apache-1.2.5-0.1.sparc.rpm
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:11:56 PDT