[PLUG] FW: CERT Advisory CA-2002-27 Apache/mod_ssl Worm
alan
alan at clueserver.org
Fri Sep 20 14:38:55 UTC 2002
On Fri, 20 Sep 2002, Colin Kuskie wrote:
> On Fri, Sep 20, 2002 at 03:41:09PM -0700, Steven Raymond wrote:
> > I have checked up2date every day for a new rpm for this vulnerabiliy- but
> > it seems that so far Redhat has not addressed the issue. What have you
> > RH'ers done to protect yourselves? Right now am safeguarding in other
> > ways but I haven't tried to patch or otherwise, hoping that an rpm will
> > resolve the problem. Any suggestions (besides changing distros, ;)
> > Thanks
>
> http://rhn.redhat.com/errata/RHSA-2002-155.html
>
> This was released July 9, 2002. Odds are that if you've been running
> up2date like you say, it's already on your system.
I wish Redhat had been a bit more clear in their announcement. I know
what is fixed in that version and i was not clear about it until looking
at the SRPM.
More information about the PLUG
mailing list