If a customer is affected we have to announce. Send it through and
I'll approve.
Date sent: Mon, 28 Jun 2004 12:48:37 +1000
Subject:[bulletproof.net.au #29025] [Comment] [SECURITY] [DSA 525-1]
New apache packages fix buffer overflow in mod_proxy
From: Sydney Grenzebach via RT [EMAIL PROTECTED]
Send reply to: [EMAIL PROTECTED]
BCC to:
https://rt.bulletproof.it/Ticket/Display.html?id=29025
This is a comment. It is not sent to the Requestor(s):
I am deciding (after checking with Kim) not to announce. It is not
very commonly used and only one of our customers is affected.
The mod_proxy module implements a proxy/gateway for Apache. It
implements proxying capability for FTP, CONNECT (for SSL), HTTP/0.9,
HTTP/1.0, and HTTP/1.1.
Bulletproof does not generally use this as a proxy. The only machines
that use this are the the new bluescopesteel direct boxes, they are
firewalled off though, and are stage servers (ie non production
machines)
In all other cases we use Squid on the boxes that need a proxy.
--
Sydney Grenzebach
Engineer
Bulletproof Networks
ph: +61 (0) 2 9663 9000
fax: +61 (0) 2 9662 4744
http://www.bulletproof.it/
Best Regards,
--
Lorenzo Modesto
Director
Bulletproof Networks
ph: +61 (0) 2 9663 9000
fax: +61 (0) 2 9662 4744
mob: +61 (0) 414 565 062
http://www.bulletproof.it/
This e-mail and any attachments are confidential and may be legally
privileged. Only the intended recipient may access or use it and no
confidentiality or privilege is waived or lost by mistaken
transmission. If you are not the intended recipient you must not
copy or disclose this email's contents to any person and you must
delete it and notify us immediately. Bulletproof Networks uses
virus scanning software but excludes all liability for viruses or
similar in any attachment as well as for any error or
incompleteness in the contents of this e-mail.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]