Moritz Muehlenhoff wrote:
On Wed, Dec 13, 2006 at 10:08:21AM -0800, Mark Symonds wrote:
Package: libapache-mod-ssl
Version: 2.8.22-1sarge1
Severity: grave
Tags: security
Justification: user security hole
I haven't heard other reports about such crashes. Are all the machines identical
in the installed software; are all running plain Sarge?
Yes: identical Sarge boxen, in order to have the benefit of security
patches from Debian.
It suddenly stopped happening after I filed this bugreport, so who
knows... If some exploit launches into the wild a year from now, at
least we had this much. And I wonder if this isn't a buffer overflow
test against openssl instead of apache?
Anyway, feel free to close this bug and thanks much for your attention
(and your work). :-)
All the best,
Mark
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
