As you've hopefully recognized, the ASF released Apache 1.3.27, which includes important security fixes. The corresponding mod_ssl 2.8.11 for this version is now available, too.
Fetch it from: http://www.modssl.org/source/ ftp://ftp.modssl.org/source/ Ralf S. Engelschall [EMAIL PROTECTED] www.engelschall.com Changes with mod_ssl 2.8.11 (24-Jun-2002 to 04-Oct-2002) *) Upgraded to Apache 1.3.27. *) Fixed internal error handling for CRL verification. *) Initialize OpenSSL ENGINE before initializing OpenSSL to workaround problems with the PRNG. *) Also find "openssl" executable in "sbin" directories. *) Honor specified number of maximum bytes on SSLRandomSeed if reading from EGD. *) Fixed generation of SSL_CLIENT_CERT_CHAIN_[0-9] variables. ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]