On Fri, Jun 21, 2002 at 02:29:30AM -0400, Joshua Lee wrote: > On Thu, 20 Jun 2002 19:59:20 -0700 > Terry Lambert <[EMAIL PROTECTED]> wrote: > > > Patrick Thomas wrote: > > > Is it possible to patch/recompile FreeBSD 4.5 in such a way that your > > > system is no longer vulnerable to the "chunking" attack, even if you are > > > still running a vulnerable apache ? > > Why not upgrade Apache...?? Both the 1 and 2 series have been updated I think. (I'm >a newbie at server stuff, so bear with me if I made a faux pas.)
The apache13+ipv6 port has not, because the last ipv6 patchset is available for 1.13.22. > > The way you would deal with this would be to tell Apache that it > > was an HTTP 1.0 server, since chunking is an HTTP 1.1 feature. > > > > The only place this is an issue is if you need to reuse an HTTP > > connection, and that only occurs in HTTP 1.1 when you are doing > > pipelining. Everywhere else, you can indicate an end of data > > Mozilla has an option to enable http pipelining as a performance option. I regularly >used this, maybe I shouldn't? It should fallback. -- B.Walter COSMO-Project http://www.cosmo-project.de [EMAIL PROTECTED] Usergroup [EMAIL PROTECTED] To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-hackers" in the body of the message
