[SECURITY] Fedora Core 1 Test Update: httpd-2.0.49-1.1
Joe Orton
jorton at redhat.com
Mon May 10 20:05:32 UTC 2004
---------------------------------------------------------------------
Fedora Test Update Notification
FEDORA-2004-117
2004-05-10
---------------------------------------------------------------------
Name : httpd
Version : 2.0.49
Release : 1.1
Summary : Apache HTTP Server
Description :
Apache is a powerful, full-featured, efficient, and freely-available
Web server. Apache is also the most popular Web server on the
Internet.
---------------------------------------------------------------------
Update Information:
This update includes the latest stable release of Apache httpd 2.0,
including a security fix for a memory leak in mod_ssl which can be
triggered remotely (CVE CAN-2004-0113), and a fix for escaping of error
log output (CVE CAN-2003-0020).
This update also includes an enhanced version of the mod_cgi module
which fixes a long-standing bug in the handling of stderr output
during CGI script execution.
Please add any feedback from testing to the tracker bug report:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=118798
---------------------------------------------------------------------
* Fri May 07 2004 Joe Orton <jorton at redhat.com> 2.0.49-1.1
- fix 2.0.48's httpd loading 2.0.49's mod_expires.so
* Fri May 07 2004 Joe Orton <jorton at redhat.com> 2.0.49-1.0
- update to 2.0.49 (thanks to Robert Scheck, #118798)
- make "noindex" page valid XHTML 1.1 (Pascal Volk, #122020)
- restore /etc/httpd/build/libtool symlink (#113720)
- mod_cgi: backport fixes for stderr handling (upstream #22030)
- mod_dav: misc improvements
- add rgetline NUL-termination fixes (Tsurutani Naoki, upstream #28376)
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/testing/1/
25e131342d7ba91193a2060939561457 SRPMS/httpd-2.0.49-1.1.src.rpm
c53041217a267836c99f5b17661a91a9 i386/httpd-2.0.49-1.1.i386.rpm
e39588a069962b6a95b1e06401630cbe i386/httpd-devel-2.0.49-1.1.i386.rpm
450a0cd7d9b9f442583787cbc9faf630 i386/httpd-manual-2.0.49-1.1.i386.rpm
c85fbce55cc6e449d69b0d9053722b4f i386/mod_ssl-2.0.49-1.1.i386.rpm
b7e7f8d0d1340ed944fc0f2bff22cd1d i386/debug/httpd-debuginfo-2.0.49-1.1.i386.rpm
43a453f81e7185da6eab0681a094ea48 x86_64/httpd-2.0.49-1.1.x86_64.rpm
6aebe6ef460860e1fa1d40bee8540876 x86_64/httpd-devel-2.0.49-1.1.x86_64.rpm
a07409a4220d7cb0e25fa17b9f0a5cfb x86_64/httpd-manual-2.0.49-1.1.x86_64.rpm
d798f8673e1b4eca5ed149fc58d87838 x86_64/mod_ssl-2.0.49-1.1.x86_64.rpm
fd7947c0fa75feaae33085f33fc548fb x86_64/debug/httpd-debuginfo-2.0.49-1.1.x86_64.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command. You may
need to edit your up2date channels configuration. Within
/etc/sysconfig/rhn/sources enable the following line:
yum updates-testing http://fedora.redhat.com/updates/testing/fedora-core-1
---------------------------------------------------------------------
More information about the fedora-test-list
mailing list