-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
modssl is built into the 2.x.x apache versions. your consultant must be asking you to upgrade full apache version<s>.
the 1.3.x apache tree still has a separate modssl base to add and build off of. This should not be a concern for you since you are running the newer apache tree.
Thanks, Ron DuFresne On Tue, 1 Apr 2008, Sir June wrote:
I have a Solaris box with Apache 2.2.3 and mod_ssl 2.2.3. Our security consultant ran a vulnerability software and the report recommended to upgrade to mod_ssl 2.8.24 or higher. Is this possible ? as i only see releases for Apache 1.3.x What are your recommendations? thanks, Sir june ____________________________________________________________________________________ You rock. That's why Blockbuster's offering you one month of Blockbuster Total Access, No Cost. http://tc.deals.yahoo.com/tc/blockbuster/text5.com
- -- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com http://sysinfo.com Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629 ...We waste time looking for the perfect lover instead of creating the perfect love. -Tom Robbins <Still Life With Woodpecker> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFH8lYmst+vzJSwZikRAm6YAJ9e9NwNJu8sGjuFE3CcnljNI3kVxgCfXl4x R0NJeZnoKQpRfqrff0Xir+o= =sIQZ -----END PGP SIGNATURE----- ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List modssl-users@modssl.org Automated List Manager [EMAIL PROTECTED]