drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Fehlerkorrektur in Apache
Name: |
Fehlerkorrektur in Apache |
|
ID: |
SSA:2006-130-01 |
|
Distribution: |
Slackware |
|
Plattformen: |
Slackware -current, Slackware 8.1, Slackware 9.0, Slackware 9.1, Slackware 10.0, Slackware 10.1, Slackware 10.2 |
|
Datum: |
Mi, 10. Mai 2006, 23:27 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
Apache |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
[slackware-security] Apache httpd redux (SSA:2006-130-01)
New Apache packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and -current to fix a bug with Apache 1.3.35 and glibc that breaks wildcards in Include directives. It may not occur with all versions of glibc, but it has been verified on -current (using an Include within a file already Included causes a crash), so better to patch it and reissue these packages just to be sure. My apologies if the last batch of updates caused anyone undue grief... they worked here with my (too simple?) config files.
Note that if you use mod_ssl, you'll also require the mod_ssl package that was part of yesterday's release, and on -current you'll need the newest PHP package (if you use PHP).
Thanks to Francesco Gringoli for bringing this issue to my attention.
Here are the details from the Slackware 10.2 ChangeLog: +--------------------------+ patches/packages/apache-1.3.35-i486-2_slack10.2.tgz: Patched to fix totally broken Include behavior. Thanks to Francesco Gringoli for reporting this bug. +--------------------------+
Where to find the new packages: +-----------------------------+
Updated package for Slackware 8.1: apache-1.3.35-i386-2_slack8.1.tgz
Updated package for Slackware 9.0: apache-1.3.35-i386-2_slack9.0.tgz
Updated package for Slackware 9.1: apache-1.3.35-i486-2_slack9.1.tgz
Updated package for Slackware 10.0: apache-1.3.35-i486-2_slack10.0.tgz
Updated package for Slackware 10.1: apache-1.3.35-i486-2_slack10.1.tgz
Updated package for Slackware 10.2: apache-1.3.35-i486-2_slack10.2.tgz
Updated package for Slackware -current: apache-1.3.35-i486-2.tgz
MD5 signatures: +-------------+
Slackware 8.1 package: 3affa50debe634e148d8cfed98733a47 apache-1.3.35-i386-2_slack8.1.tgz
Slackware 9.0 package: d3d5c446c6b16c84d17a43c0e836071c apache-1.3.35-i386-2_slack9.0.tgz
Slackware 9.1 package: daa91eb34cd487f7621301f95ac931ce apache-1.3.35-i486-2_slack9.1.tgz
Slackware 10.0 package: d4031f1dc80659091c9b83a9bfed2a9e apache-1.3.35-i486-2_slack10.0.tgz
Slackware 10.1 package: a1239458270ae312f4d7f510cbd9785b apache-1.3.35-i486-2_slack10.1.tgz
Slackware 10.2 package: 78130e24c739ea5c3569a0ab6647a7df apache-1.3.35-i486-2_slack10.2.tgz
Slackware -current packages: 4b961ce755054c1820988ff0192922ad apache-1.3.35-i486-2.tgz
Installation instructions: +------------------------+
First, stop apache:
# apachectl stop
Then, upgrade the apache package:
# upgradepkg apache-1.3.35-i486-2_slack10.2.tgz
Finally, restart apache:
# apachectl start
Or, if you use mod_ssl:
# apachectl startssl
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.7 (GNU/Linux)
iD8DBQFEYlgpakRjwEAQIjMRAhLkAJ0fv6adt0ax/DkSlP7DdCcEv6evggCbBkzy qHwX74fYu+DZAnYynIkEaCw= =b1F1 -----END PGP SIGNATURE-----
|
|
|
|