[7589] in bugtraq
Debian Apache Security Update
daemon@ATHENA.MIT.EDU (Johnie Ingram)
Mon Aug 10 11:33:34 1998
Date: Sat, 8 Aug 1998 00:53:00 -0400
Reply-To: Johnie Ingram <johnie@NETGOD.NET>
From: Johnie Ingram <johnie@NETGOD.NET>
To: BUGTRAQ@NETSPACE.ORG
-----BEGIN PGP SIGNED MESSAGE-----
A security problem has been found in apache. It allows users to crash
the webserver from a remote system, and should be fixed as soon as
possible.
Debian 2.0 and "slink"
- ----------------------
i386:
wget http://ftp1.us.debian.org/debian/security/apache_1.3.1-3_i386.deb
wget http://ftp1.us.debian.org/debian/security/apache-common_1.3.1-3_i3=
86.deb
dpkg -B --install apache_1.3.1-3_i386.deb apache-common_1.3.1-3_i386.de=
b
alpha:
wget http://ftp1.us.debian.org/debian/security/apache_1.3.1-3_alpha.deb
wget http://ftp1.us.debian.org/debian/security/apache-common_1.3.1-3_al=
pha.deb
dpkg -B --install apache_1.3.1-3_alpha.deb apache-common_1.3.1-3_alpha.=
deb
SPARC:
wget http://ftp1.us.debian.org/debian/security/apache-common_1.3.1-3_sp=
arc.deb
wget http://ftp1.us.debian.org/debian/security/apache_1.3.1-3_sparc.deb
dpkg -B --install apache_1.3.1-3_sparc.deb apache-common_1.3.1-3_sparc.=
deb
automatic upgrades:
Our tier 1 mirrors already have the additional files needed for an auto=
matic
dselect or apt upgrade:
* http://www.uk.debian.org/debian/ (Europe)
* http://debian.midco.net/debian/ (South Dakota)
* http://llug.sep.bnl.gov/debian/ (New York)
* http://ftp1.us.debian.org/debian/ (Michigan)
NOTE: This will break the libapache-mod-perl and php3 packages
released with Debian 2.0. A mod_perl DSO suitable for Apache 1.3.1 is
on all mirror sites in the "slink" distribution.
Thanks to Dag-Erling Sm=81=F8rgrav for finding this bug, and Ben Laurie=
for
fixing it.
d4dfe92f16137d8763581baa8669e518 apache-common_1.3.1-3_alpha.deb
f29124cbfbc283d50074184274a5e831 apache-common_1.3.1-3_i386.deb
22a48cab0455aba52fc25d0202844de8 apache-common_1.3.1-3_sparc.deb
e8361b3ce0da4653c009ecdc950e3ff6 apache-dev_1.3.1-3_all.deb
7be5af08b716366c9d0701b4e3c31fa8 apache-doc_1.3.1-3_all.deb
07f0d80e6811cfeb5b266a5f03c634ec apache_1.3.1-3_alpha.deb
105f07e5e4a8d4e059bcf8e06a1aa1ef apache_1.3.1-3_i386.deb
9244e8de9ade54f32ee35b4b5a38776b apache_1.3.1-3_sparc.deb
- --------------------- PGP E4 70 6E 59 80 6A F5 78 63 32 BC FB 7A 0=
8 53 4C
__ _ Debian GNU Johnie Ingram <johnie@netgod.net> mm=
mm
/ /(_)_ __ _ ___ __ "netgod" irc.debian.org m=
m mm
/ / | | '_ \| | | \ \/ / m=
m m
/ /__| | | | | |_| |> < Yes, I'm Linus, and I am your God. mm=
mm
\____/_|_| |_|\__,_/_/\_\ -- Linus, keynote address, Expo 98 GO=
BLUE
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: latin1
iQCVAwUBNcvZhhCswmGWXGp9AQHfWAQAjz87EI9iWE48yn08cwleNIEA3gLiFjOo
lhP+1L+15eJ+oJQbcgTcnvA4W7iDhEU5LnCxoPSRFanX+4RZK9wG60JlhopLINRT
lxP7vkj8KJTxPLKJGh4PST7Stz2xmbf3AB5VNBApU8JLbzwFFyWz9G+JITTO9/b4
7+0UY4aB3QA=3D
=3Dc2yu
-----END PGP SIGNATURE-----
