On Wed, Oct 23, 2002 at 11:15:19AM +0200, Ralf S. Engelschall wrote:
> Because of a found Cross-Side-Scripting (XSS) bug in mod_ssl, the fixed
> maintainance version mod_ssl 2.8.12 is available for use with Apache
> 1.3.27.
Thanks!
...but the snakeoil certificates are still expired:
% openssl x5
On Wed, Oct 23, 2002 at 11:32:53AM +0200, Courtin Bert wrote:
> is there any information available regarding the mentioned
> potential Cross-Side-Scripting bug?
> (Any CERT/CC Advisory CA-x, BUGTRAQ-Messages etc...)
Hi, here are the details:
Versions of mod_ssl older than 2.8.12 suffer from a
Hi list,
is there any information available regarding the mentioned
potential Cross-Side-Scripting bug?
(Any CERT/CC Advisory CA-x, BUGTRAQ-Messages etc...)
Thanks in advance & kind regards,
B. Courtin
> -Original Message-
> From: Ralf S. Engelschall [mailto:rse@;engelschall.com]