Re: Attempts to push spam through apache
From: David Benfell (benfell_at_parts-unknown.org)
Date: 08/23/04
- Previous message: Adrian Popescu: "Re: Attempts to push spam through apache"
- In reply to: Gabriel Orozco: "Re: Attempts to push spam through apache"
- Next in thread: Jan Knutar: "Re: Attempts to push spam through apache"
- Reply: Jan Knutar: "Re: Attempts to push spam through apache"
- Reply: Alex Butcher, ISC/ISYS: "Re: Attempts to push spam through apache"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 22 Aug 2004 23:02:59 -0700 To: focus-linux@securityfocus.com
On Sat, 21 Aug 2004 23:51:47 -0500, Gabriel Orozco wrote:
>
> I know there are other, newer apache versions, but SuSE doesn't have them. I
> disabled apache until the client authorizes the fix proposed (upgrade from
> sources).
>
SuSE, and other distributors, commonly preserve the version number of
software even as they patch the versions they offer to fix
vulnerabilities. It's a headache because it means you have to look at
their README files and other documentation to see if they've fixed the
vulnerabilities you're looking for.
But apparently, it avoids breaking their package management systems.
-- David Benfell, LCP benfell@parts-unknown.org --- Resume available at http://www.parts-unknown.org/resume.html
- Previous message: Adrian Popescu: "Re: Attempts to push spam through apache"
- In reply to: Gabriel Orozco: "Re: Attempts to push spam through apache"
- Next in thread: Jan Knutar: "Re: Attempts to push spam through apache"
- Reply: Jan Knutar: "Re: Attempts to push spam through apache"
- Reply: Alex Butcher, ISC/ISYS: "Re: Attempts to push spam through apache"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
