[UCI-Linux] [SECURITY] Fedora Core 3 Update: httpd-2.0.53-3.2

Mike Iglesias IGLESIAS at uci.edu
Tue Aug 2 14:22:19 PDT 2005

From: Joseph Orton <jorton at redhat.com>
To: fedora-announce-list at redhat.com
Date: Tue, 2 Aug 2005 14:02:23 -0400
Subject: [SECURITY] Fedora Core 3 Update: httpd-2.0.53-3.2

Fedora Update Notification

Product     : Fedora Core 3
Name        : httpd
Version     : 2.0.53                      
Release     : 3.2                  
Summary     : Apache HTTP Server
Description :
Apache is a powerful, full-featured, efficient, and freely-available
Web server. Apache is also the most popular Web server on the

Update Information:

This update includes version 2.0.53 of the Apache HTTP
server, and also adds security fixes for CVE CAN-2005-2088
and CVE CAN-2005-1268.
* Tue Jul 26 2005 Joe Orton <jorton at redhat.com> 2.0.53-3.2
- add security fix for C-L vs T-E handling (#162245, CVE CAN-2005-2088)
- mod_ssl: add security fix for CRL overflow (CVE CAN-2005-1268)
- mod_ssl: fix to enable output buffering (upstream #35279)
- mod_ssl: fix for picking up -shutdown options (upstream #34452)
- mod_include: fix variable corruption in nested includes (upstream #12655)
- mod_auth_digest: fix hostinfo comparison in CONNECT requests
- add piped logger fixes (w/Jeff Trawick)
- mod_userdir: fix memory allocation issue (upstream #34588)

* Mon Mar 21 2005 Joe Orton <jorton at redhat.com> 2.0.53-3.1
- update to 2.0.53
- apachectl: use runuser so "apachectl testconfig" produces output
- apachectl: restore use of $OPTIONS again (#115910)
- mod_ssl: set user from SSLUserName in access hook (upstream #31418)
- htdigest: fix permissions of created files (upstream #33765)
- httpd.init: refuse to restart if config syntax test fails

This update can be downloaded from:

ebb1ad874f28ba67a5836ff3618de90d  SRPMS/httpd-2.0.53-3.2.src.rpm
dd1929bd75029939f7f22da4eb090061  x86_64/httpd-2.0.53-3.2.x86_64.rpm
30bb95c39ec0aee58daa16ddf650d1c4  x86_64/httpd-devel-2.0.53-3.2.x86_64.rpm
485ad48e6b29bc4994df3e45b6b24418  x86_64/httpd-manual-2.0.53-3.2.x86_64.rpm
de1462c24a3833a58527c479c5a48b3e  x86_64/mod_ssl-2.0.53-3.2.x86_64.rpm
9c3c18b386cac3b7c6bfc09690590f49  x86_64/httpd-suexec-2.0.53-3.2.x86_64.rpm
402906de4433e1d93c294ccfec8d607e  x86_64/debug/httpd-debuginfo-2.0.53-3.2.x86_64.rpm
e665c28d559c855a26807eceabc0d2c8  i386/httpd-2.0.53-3.2.i386.rpm
31eaee49409f48d47a2416532f1c6b55  i386/httpd-devel-2.0.53-3.2.i386.rpm
62bce7ff6a437e447d84e77c9e1c6127  i386/httpd-manual-2.0.53-3.2.i386.rpm
4c46b1d02b1f05d1799aa2b9b30156ca  i386/mod_ssl-2.0.53-3.2.i386.rpm
7d91cb20ff7f748169f1c0bad5b56440  i386/httpd-suexec-2.0.53-3.2.i386.rpm
90152490a7c19bdfaf4f3030b141f414  i386/debug/httpd-debuginfo-2.0.53-3.2.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  

fedora-announce-list mailing list
fedora-announce-list at redhat.com

More information about the UCI-Linux mailing list