[PLUG] FW: CERT Advisory CA-2002-27 Apache/mod_ssl Worm

alan alan at clueserver.org
Fri Sep 20 14:38:55 UTC 2002


On Fri, 20 Sep 2002, Colin Kuskie wrote:

> On Fri, Sep 20, 2002 at 03:41:09PM -0700, Steven Raymond wrote:
> > I have checked up2date every day for a new rpm for this vulnerabiliy- but
> > it seems that so far Redhat has not addressed the issue.  What have you
> > RH'ers done to protect yourselves?  Right now am safeguarding in other
> > ways but I haven't tried to patch or otherwise, hoping that an rpm will
> > resolve the problem.  Any suggestions (besides changing distros, ;)
> > Thanks
> 
> http://rhn.redhat.com/errata/RHSA-2002-155.html
> 
> This was released July 9, 2002.  Odds are that if you've been running
> up2date like you say, it's already on your system.

I wish Redhat had been a bit more clear in their announcement.  I know 
what is fixed in that version and i was not clear about it until looking 
at the SRPM.






More information about the PLUG mailing list