I'm curious, why wouldn't FC2 get 2.0.52? Considering FC2 had 2.0.49 at release and has since been upgraded to 2.0.51, is there some specific reason not to push 2.0.52 out to FC2 updates? Thanks, -- jeremy On Fri, 12 Nov 2004 21:18:00 +0000, Joe Orton <jorton@xxxxxxxxxx> wrote: > --------------------------------------------------------------------- > Fedora Update Notification > FEDORA-2004-420 > 2004-11-12 > --------------------------------------------------------------------- > > Product : Fedora Core 2 > Name : httpd > Version : 2.0.51 > Release : 2.9 > Summary : Apache HTTP Server > Description : > Apache is a powerful, full-featured, efficient, and freely-available > Web server. Apache is also the most popular Web server on the > Internet. > > --------------------------------------------------------------------- > > This update includes the fixes for an issue in mod_ssl which could > lead to a bypass of an SSLCipherSuite setting in directory or location > context (CVE CAN-2004-0885), and a memory consumption denial of > service issue in the handling of request header lines (CVE > CAN-2004-0942). > > --------------------------------------------------------------------- > > * Thu Nov 11 2004 Joe Orton <jorton@xxxxxxxxxx> 2.0.51-2.9 > > - add fix for memory consumption DoS, CAN-2004-0942 > - mod_ssl: add fix for SSLCipherSuite bypass, CAN-2004-0885 > > --------------------------------------------------------------------- > This update can be downloaded from: > http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ > > b202b93fa33a117c576f49b0b6ea8cce SRPMS/httpd-2.0.51-2.9.src.rpm > d44a26a035bef7f26249e1d0a7ae95b4 x86_64/httpd-2.0.51-2.9.x86_64.rpm > 0920735cfe93100965958df44e6cca28 x86_64/httpd-devel-2.0.51-2.9.x86_64.rpm > 50681f4ed4f3448fa1f8fd86ce41d749 x86_64/httpd-manual-2.0.51-2.9.x86_64.rpm > 1b3230a8c205bdf96464d4ecc51bea40 x86_64/mod_ssl-2.0.51-2.9.x86_64.rpm > fae759a29d5ac1eacfb947ec4b447994 x86_64/debug/httpd-debuginfo-2.0.51-2.9.x86_64.rpm > d8e4ed9aafd639fdfab26e6fe3cd8c29 i386/httpd-2.0.51-2.9.i386.rpm > cd1ab7ce0fcc375de0d6db748babc753 i386/httpd-devel-2.0.51-2.9.i386.rpm > 341a963e8ac8aba17c18eaebc7ac27c1 i386/httpd-manual-2.0.51-2.9.i386.rpm > f227c579f61c355c594f8e790695bcd8 i386/mod_ssl-2.0.51-2.9.i386.rpm > dc3be7afa997f09293b82caaae505f7b i386/debug/httpd-debuginfo-2.0.51-2.9.i386.rpm > > This update can also be installed with the Update Agent; you can > launch the Update Agent with the 'up2date' command. > --------------------------------------------------------------------- > > > -- > fedora-announce-list mailing list > fedora-announce-list@xxxxxxxxxx > http://www.redhat.com/mailman/listinfo/fedora-announce-list > > >
