Re: Attempts to push spam through apache
From: David Benfell (benfell_at_parts-unknown.org)
Date: Sun, 22 Aug 2004 23:02:59 -0700 To: firstname.lastname@example.org
On Sat, 21 Aug 2004 23:51:47 -0500, Gabriel Orozco wrote:
> I know there are other, newer apache versions, but SuSE doesn't have them. I
> disabled apache until the client authorizes the fix proposed (upgrade from
SuSE, and other distributors, commonly preserve the version number of
software even as they patch the versions they offer to fix
vulnerabilities. It's a headache because it means you have to look at
their README files and other documentation to see if they've fixed the
vulnerabilities you're looking for.
But apparently, it avoids breaking their package management systems.
-- David Benfell, LCP email@example.com --- Resume available at http://www.parts-unknown.org/resume.html