[SECURITY] Fedora Core 3 Test Update: httpd-2.0.53-3.2
Joseph Orton
jorton at redhat.com
Tue Jul 26 16:28:17 UTC 2005
---------------------------------------------------------------------
Fedora Test Update Notification
FEDORA-2005-638
2005-07-26
---------------------------------------------------------------------
Product : Fedora Core 3
Name : httpd
Version : 2.0.53
Release : 3.2
Summary : Apache HTTP Server
Description :
Apache is a powerful, full-featured, efficient, and freely-available
Web server. Apache is also the most popular Web server on the
Internet.
---------------------------------------------------------------------
Update Information:
This update includes version 2.0.53 of the Apache HTTP server, and also adds security fixes for CVE CAN-2005-2088 and CVE CAN-2005-1268.
---------------------------------------------------------------------
* Tue Jul 26 2005 Joe Orton <jorton at redhat.com> 2.0.53-3.2
- add security fix for C-L vs T-E handling (#162245, CVE CAN-2005-2088)
- mod_ssl: add security fix for CRL overflow (CVE CAN-2005-1268)
- mod_ssl: fix to enable output buffering (upstream #35279)
- mod_ssl: fix for picking up -shutdown options (upstream #34452)
- mod_include: fix variable corruption in nested includes (upstream #12655)
- mod_auth_digest: fix hostinfo comparison in CONNECT requests
- add piped logger fixes (w/Jeff Trawick)
- mod_userdir: fix memory allocation issue (upstream #34588)
* Mon Mar 21 2005 Joe Orton <jorton at redhat.com> 2.0.53-3.1
- update to 2.0.53
- apachectl: use runuser so "apachectl testconfig" produces output
- apachectl: restore use of $OPTIONS again (#115910)
- mod_ssl: set user from SSLUserName in access hook (upstream #31418)
- htdigest: fix permissions of created files (upstream #33765)
- httpd.init: refuse to restart if config syntax test fails
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/testing/3/
10ea4d2d15241c0b9ab7890699248f5c SRPMS/httpd-2.0.53-3.2.src.rpm
1a06154e217fbeb81d95b7de92e3e883 x86_64/httpd-2.0.53-3.2.x86_64.rpm
198caa3f58a77eecd9e35203efb1706e x86_64/httpd-devel-2.0.53-3.2.x86_64.rpm
1c3dbbff6ccf5f0b75f1d29720b242a9 x86_64/httpd-manual-2.0.53-3.2.x86_64.rpm
1071d6bb60c5845a2a48ab63524c804a x86_64/mod_ssl-2.0.53-3.2.x86_64.rpm
4bdb6faab9fc383bc07a096edf2296d6 x86_64/httpd-suexec-2.0.53-3.2.x86_64.rpm
e4dff03c0190703461335f04a23b0d21 x86_64/debug/httpd-debuginfo-2.0.53-3.2.x86_64.rpm
76ed424becdf4cf3f11a63f72109934a i386/httpd-2.0.53-3.2.i386.rpm
d4631d1ba1e7b33388d99d2f64a4a7b2 i386/httpd-devel-2.0.53-3.2.i386.rpm
76bc4b6d88c48023dbd624883ed99f33 i386/httpd-manual-2.0.53-3.2.i386.rpm
83cf6007101cc445d7c5f8cd77feb1c2 i386/mod_ssl-2.0.53-3.2.i386.rpm
d7aa19469cc57a92730880ec0b247ebe i386/httpd-suexec-2.0.53-3.2.i386.rpm
e702c16852de4e7bf7d0c6d2b9e4ead3 i386/debug/httpd-debuginfo-2.0.53-3.2.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command. You may
need to edit your up2date channels configuration. Within
/etc/sysconfig/rhn/sources enable the following line:
yum updates-testing http://download.fedora.redhat.com/pub/fedora/linux/core/updates/testing/3/$ARCH
---------------------------------------------------------------------
More information about the fedora-test-list
mailing list