On Thu, Jun 20, 2002 at 01:29:04PM +1000, John wrote: | There's now an exploit in the wild for Apache (the chunked whatever | bug). The DSA mentions an update which is version 1.3.9-14.1 | | We need a version > 1.2.12, and are running 1.3.23 from woody. Is there | any idea where a patched 1.3.23 for woody might be? Or should I install | from source from apache.org?
Woody currently has 1.3.24-3 (as does sid). (at least, according to the mirror I use) Nonetheless, the DSA says it affects 64-bit architectures. It sounds like if you're not using a 64-bit system (eg SPARC or ia64) then you aren't vulnerable. <quote> ... might allow arbitrary code execution on 64 bit architectures. </quote> -D -- A violent man entices his neighbor and leads him down a path that is not good. Proverbs 16:29 http://dman.ddts.net/~dman/
pgpiGdokHtzQR.pgp
Description: PGP signature