[3389] in Release_7.7_team
Re: Apache web-server vulnerability on surflets.mit.edu (Case 284967)
daemon@ATHENA.MIT.EDU (Ying-Jui Chen)
Tue Jul 9 14:22:26 2002
Message-ID: <3D2B2990.4D057FAC@mit.edu>
Date: Tue, 09 Jul 2002 14:21:04 -0400
From: Ying-Jui Chen <yrchen@MIT.EDU>
MIME-Version: 1.0
To: Javier A Castro <javy@mit.edu>
CC: security@mit.edu, release-team@mit.edu
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Hi Javier,
Thank you for your update. I tried /etc/athena/update_ws, but it says "No new
version is available."
Should I run rpm manually? My current version of apache is
# rpm -q apache
apache-1.3.22-5.7.1
Thanks,
-yr
Javier A Castro wrote:
> Ying-Jui,
>
> A patch was released by MIT Information Systems for the Apache web-server
> vulnerability on your machine (surflets.mit.edu). Please take the update
> to remove the vulnerability. Be sure to set AUTOUPDATE = true, and you
> should probably join release-announce@mit.edu for notification of updates.
> If you have any questions regarding the update, e-mail release-team@mit.edu.
>
> Please be sure to keep the subject line intact for any further
> correspondence regarding this issue.
>
> Thanks,
>
> Javier Castro
> -for security@mit.edu