[UCI-Linux] Joe Orton: [SECURITY] Fedora Core 1 Update: httpd-2.0.50-1.0

Mike Iglesias IGLESIAS at uci.edu
Tue Jul 20 09:46:59 PDT 2004 

------- Forwarded Message

Return-Path: fedora-announce-list-bounces at redhat.com
Delivery-Date: Mon Jul 19 11:58:28 2004
Received: from mta6.service.uci.edu (mta6.service.uci.edu [128.200.220.15])
	by draco.acs.uci.edu (8.12.8/8.12.8) with ESMTP id i6JIwPiK029961
	for <iglesias at draco.acs.uci.edu>; Mon, 19 Jul 2004 11:58:25 -0700
Received: (from daemon at localhost)
	by mta6.service.uci.edu (8.11.4-20030923/8.11.2) id i6JIwPD19387
	for iglesias at draco.acs.uci.edu.xyzzy; Mon, 19 Jul 2004 11:58:25 -0700 (PDT)
Received: (from daemon at localhost)
	by mta6.service.uci.edu (8.11.4-20030923/8.11.2) id i6JIwP019382
	for iglesias at uci.edu.xyzzy; Mon, 19 Jul 2004 11:58:25 -0700 (PDT)
Received: from hormel.redhat.com (hormel.redhat.com [209.132.177.30])
	by mta6.service.uci.edu (8.11.4-20030923/8.11.2) with ESMTP id i6JIvVP18191
	for <iglesias at uci.edu>; Mon, 19 Jul 2004 11:57:31 -0700 (PDT)
Received: from listman.util.phx.redhat.com (listman.util.phx.redhat.com [10.8.4.110])
	by hormel.redhat.com (Postfix) with ESMTP
	id 31B6472EDD; Mon, 19 Jul 2004 14:57:27 -0400 (EDT)
Received: from int-mx1.corp.redhat.com (int-mx1.corp.redhat.com
	[172.16.52.254])
	by listman.util.phx.redhat.com (8.12.10/8.12.10) with ESMTP id
	i6JIqSXW001102
	for <fedora-announce-list at listman.util.phx.redhat.com>;
	Mon, 19 Jul 2004 14:52:28 -0400
Received: (from mail at localhost)
	by int-mx1.corp.redhat.com (8.11.6/8.11.6) id i6JIqRx26489
	for fedora-announce-list at listman.util.phx.redhat.com;
	Mon, 19 Jul 2004 14:52:27 -0400
Received: from radish.cambridge.redhat.com (radish.cambridge.redhat.com
	[172.16.18.90])
	by int-mx1.corp.redhat.com (8.11.6/8.11.6) with ESMTP id i6JIqQa26483
	for <fedora-announce-list at redhat.com>; Mon, 19 Jul 2004 14:52:27 -0400
Received: from radish.cambridge.redhat.com (localhost.localdomain [127.0.0.1])
	by radish.cambridge.redhat.com (8.12.10/8.12.7) with ESMTP id
	i6JIqQ7m004397
	for <fedora-announce-list at redhat.com>; Mon, 19 Jul 2004 19:52:26 +0100
Received: (from jorton at localhost)
	by radish.cambridge.redhat.com (8.12.10/8.12.10/Submit) id
	i6JIqQXw004396
	for fedora-announce-list at redhat.com; Mon, 19 Jul 2004 19:52:26 +0100
Date: Mon, 19 Jul 2004 19:52:26 +0100
From: Joe Orton <jorton at redhat.com>
To: fedora-announce-list at redhat.com
Message-ID: <20040719185225.GA4372 at redhat.com>
Mime-Version: 1.0
User-Agent: Mutt/1.4.1i
X-loop: fedora-announce-list at redhat.com
X-Mailman-Approved-At: Mon, 19 Jul 2004 14:57:24 -0400
Subject: [SECURITY] Fedora Core 1 Update: httpd-2.0.50-1.0
X-BeenThere: fedora-announce-list at redhat.com
X-Mailman-Version: 2.1.5
Precedence: junk
Reply-To: fedora-list at redhat.com
List-Id: Announcements related to the Fedora Project
	<fedora-announce-list.redhat.com>
List-Unsubscribe: <http://www.redhat.com/mailman/listinfo/fedora-announce-list>, 
	<mailto:fedora-announce-list-request at redhat.com?subject=unsubscribe>
List-Archive: </archives/fedora-announce-list>
List-Post: <mailto:fedora-announce-list at redhat.com>
List-Help: <mailto:fedora-announce-list-request at redhat.com?subject=help>
List-Subscribe: <http://www.redhat.com/mailman/listinfo/fedora-announce-list>, 
	<mailto:fedora-announce-list-request at redhat.com?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============1612164027=="
Sender: fedora-announce-list-bounces at redhat.com
Errors-To: fedora-announce-list-bounces at redhat.com
X-UCIRVINE-MailScanner: No viruses found
X-DRACO-MailScanner: Not checked for viruses
Status: O
X-Status: 
X-Keywords:                  
X-UID: 8


- --===============1612164027==
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="9jxsPFA5p3P2qPhR"
Content-Disposition: inline


- --9jxsPFA5p3P2qPhR
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

- ---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-203
2004-07-19
- ---------------------------------------------------------------------

Product     : Fedora Core 1
Name        : httpd
Version     : 2.0.50                     =20
Release     : 1.0                 =20
Summary     : Apache HTTP Server
Description :
Apache is a powerful, full-featured, efficient, and freely-available
Web server. Apache is also the most popular Web server on the
Internet.

- ---------------------------------------------------------------------
Update Information:

This update includes the latest stable release of Apache httpd 2.0,
including security fixes for a remotely triggerable memory leak=20
(CVE CAN-2004-0493), and a buffer overflow in mod_ssl which can be
triggered only by a (trusted) client certificate with a long subject
DN field (CVE CAN-2004-0488).

- ---------------------------------------------------------------------
* Thu Jul 01 2004 Joe Orton <jorton at redhat.com> 2.0.50-1.0

- - update to 2.0.50 (CVE CAN-2004-0488, CAN-2004-0493, #126864, #125047)
- - mod_autoindex: don't truncate output on stat() failure (#126930)

- ---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/

a5786025381c7ddf245157d815db77df  SRPMS/httpd-2.0.50-1.0.src.rpm
72838969ae685149f394bd7aa22f1d1e  x86_64/httpd-2.0.50-1.0.x86_64.rpm
e8f54a359eb76fd784a76ab046f6a816  x86_64/httpd-devel-2.0.50-1.0.x86_64.rpm
ec851a779096d42208066a1284032f60  x86_64/httpd-manual-2.0.50-1.0.x86_64.rpm
542234c3e5c4d32b1f6bb5d511512f33  x86_64/mod_ssl-2.0.50-1.0.x86_64.rpm
e89824f441e4b12f1f21113665f8d334  x86_64/debug/httpd-debuginfo-2.0.50-1.0.x=
86_64.rpm
4ab7626097cc2715e39f153e151de084  i386/httpd-2.0.50-1.0.i386.rpm
57bb0c618a201a11f71fbd8f7421d445  i386/httpd-devel-2.0.50-1.0.i386.rpm
3e80b67e35b974659b38791838f7182e  i386/httpd-manual-2.0.50-1.0.i386.rpm
3c51c55cde33e0976ca30451342a6354  i386/mod_ssl-2.0.50-1.0.i386.rpm
82de5f02ed600ba4a489c0f96bb15d4d  i386/debug/httpd-debuginfo-2.0.50-1.0.i38=
6.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command. =20
- ---------------------------------------------------------------------

- --9jxsPFA5p3P2qPhR
Content-Type: application/pgp-signature
Content-Disposition: inline

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFA/BhpR/aWnQ5EzwwRAikgAJkBVNOTOpCs7J2j3RlZ/XqkMHjROQCgx6bU
X7QLEbLl4fObB6xg+Wc3EF8=
=S+2B
- -----END PGP SIGNATURE-----

- --9jxsPFA5p3P2qPhR--



- --===============1612164027==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

- --
fedora-announce-list mailing list
fedora-announce-list at redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list

- --===============1612164027==--


------- End of Forwarded Message

More information about the UCI-Linux mailing list