Home page logo
/

bugtraq logo Bugtraq mailing list archives

TSLSA-2002-0069-apache
From: tsl () trustix com (Trustix Secure Linux Advisor)
Date: Thu, 17 Oct 2002 13:16:46 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Trustix Secure Linux Security Advisory #2002-0069

Package name:      apache
Summary:           New upstram version
Date:              2002-10-17
Affected versions: TSL 1.1, 1.2, 1.5

- --------------------------------------------------------------------------
Package description:
  Apache is a full featured web server that is freely available, and also
  happens to be the most widely used.

  Built with loadable modules (all standard modules enabled).
  This version is intended as a replacement for a standard apache, the
  configuration files provided with apache and apache-ssl are unchanged.
  

Problem description:
  From the official release announcement:

  This version of Apache is principally a security and bug fix release. A 
  summary of the bug fixes is given at the end of this document. Of particular 
  note is that 1.3.27 addresses and fixes 3 security vulnerabilities.


Action:
  We recommend that all systems with this package installed be upgraded.
  Please note that if you do not need the functionality provided by this
  package, you may want to remove it from your system.


Location:
  All TSL updates are available from
  <URI:http://www.trustix.net/pub/Trustix/updates/>
  <URI:ftp://ftp.trustix.net/pub/Trustix/updates/>


About Trustix Secure Linux:
  Trustix Secure Linux is a small Linux distribution for servers. With focus on
  security and stability, the system is painlessly kept safe and up to date 
  from day one using swup, the automated software updater.


Automatic updates:
  Users of the SWUP tool can enjoy having updates automatically
  installed using 'swup --upgrade'.

  Get SWUP from:
  <URI:ftp://ftp.trustix.net/pub/Trustix/software/swup/>


Public testing:
  These packages have been available for public testing for some time.
  If you want to contribute by testing the various packages in the
  testing tree, please feel free to share your findings on the
  tsl-discuss mailinglist.
  The testing tree is located at
  <URI:http://www.trustix.net/pub/Trustix/testing/>
  <URI:ftp://ftp.trustix.net/pub/Trustix/testing/>
  

Questions?
  Check out our mailing lists:
  <URI:http://www.trustix.net/support/>


Verification:
  This advisory along with all TSL packages are signed with the TSL sign key.
  This key is available from:
  <URI:http://www.trustix.net/TSL-GPG-KEY>

  The advisory itself is available from the errata pages at
  <URI:http://www.trustix.net/errata/trustix-1.2/> and
  <URI:http://www.trustix.net/errata/trustix-1.5/>
  or directly at
  <URI:http://www.trustix.net/errata/misc/2002/TSL-2002-0069-apache.asc.txt>


MD5sums of the packages:
- --------------------------------------------------------------------------
c7b60fadd324f30d84f9b6ce6aaa878d  ./1.5/SRPMS/apache-1.3.27-1tr.src.rpm
a46e8277b631d865330419816326661b  ./1.5/RPMS/apache-devel-1.3.27-1tr.i586.rpm
7e5fd11668667693df8220ddf2f0e485  ./1.5/RPMS/apache-1.3.27-1tr.i586.rpm
c7b60fadd324f30d84f9b6ce6aaa878d  ./1.2/SRPMS/apache-1.3.27-1tr.src.rpm
ae84621e628be3f42d181f802d3638a4  ./1.2/RPMS/apache-devel-1.3.27-1tr.i586.rpm
607eeebf80e607fc91e0c993e8650429  ./1.2/RPMS/apache-1.3.27-1tr.i586.rpm
c7b60fadd324f30d84f9b6ce6aaa878d  ./1.1/SRPMS/apache-1.3.27-1tr.src.rpm
7ace4d73b68de2996b9b55ca843c4501  ./1.1/RPMS/apache-devel-1.3.27-1tr.i586.rpm
5199e66e2d3cd4dab9af39817ec46ae1  ./1.1/RPMS/apache-1.3.27-1tr.i586.rpm
- --------------------------------------------------------------------------


Trustix Security Team

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE9rnduwRTcg4BxxS0RAgnbAJ9beRBkJM7zq4NkMN//2lweHt8KvwCfYbQv
7eJjKaTjn8UsJB/WzfMWrXM=
=p/sm
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
  • TSLSA-2002-0069-apache Trustix Secure Linux Advisor (Oct 18)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]