CORE 2:

Fedora Update Notification
FEDORA-2004-204
2004-07-19
---------------------------------------------------------------------

Product     : Fedora Core 2
Name        : httpd
Version     : 2.0.50                      
Release     : 2.1                  
Summary     : Apache HTTP Server
Description :
Apache is a powerful, full-featured, efficient, and freely-available
Web server. Apache is also the most popular Web server on the
Internet.

---------------------------------------------------------------------
Update Information:

This update includes the latest stable release of Apache httpd 2.0,
including security fixes for a remotely triggerable memory leak 
(CVE CAN-2004-0493), and a buffer overflow in mod_ssl which can be
triggered only by a (trusted) client certificate with a long subject
DN field (CVE CAN-2004-0488).

---------------------------------------------------------------------
* Tue Jun 29 2004 Joe Orton <jorton@redhat.com> 2.0.50-2.1

- update to 2.0.50
- mod_autoindex: don't truncate output on stat() failure (#126930)

---------------------------------------------------------------------
This update can be downloaded from:
    

88f76a8960e558ea9cd0f833ec26ecbf  SRPMS/httpd-2.0.50-2.1.src.rpm
b21369e9d1ad14bde9f8cdd474d4e576  x86_64/httpd-2.0.50-2.1.x86_64.rpm
b31e0fc8d050a42ab13c82feedc01b1b  x86_64/httpd-devel-2.0.50-2.1.x86_64.rpm
d40fc1d0f89cc86ebec838639ba37ea1  x86_64/httpd-manual-2.0.50-2.1.x86_64.rpm
5fa5e5728b8dedc20b2704de1bd37840  x86_64/mod_ssl-2.0.50-2.1.x86_64.rpm
6e65479828eb9e8a4c7b2424ebf39495  x86_64/debug/httpd-debuginfo-2.0.50-2.1.x86_64.rpm
da86a44426edabbadceae2d58fc0b1d5  i386/httpd-2.0.50-2.1.i386.rpm
000b8fc928195440856420091c33b9ec  i386/httpd-devel-2.0.50-2.1.i386.rpm
4b062f1003cf3d203a408133e8f160c5  i386/httpd-manual-2.0.50-2.1.i386.rpm
92a8f9747563aa50abc842aba1d65bc3  i386/mod_ssl-2.0.50-2.1.i386.rpm
aa1210b75b36033a7bc55b47a86e2539  i386/debug/httpd-debuginfo-2.0.50-2.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

CORE 1:

Fedora Update Notification
FEDORA-2004-203
2004-07-19
---------------------------------------------------------------------

Product     : Fedora Core 1
Name        : httpd
Version     : 2.0.50                      
Release     : 1.0                  
Summary     : Apache HTTP Server
Description :
Apache is a powerful, full-featured, efficient, and freely-available
Web server. Apache is also the most popular Web server on the
Internet.

---------------------------------------------------------------------
Update Information:

This update includes the latest stable release of Apache httpd 2.0,
including security fixes for a remotely triggerable memory leak 
(CVE CAN-2004-0493), and a buffer overflow in mod_ssl which can be
triggered only by a (trusted) client certificate with a long subject
DN field (CVE CAN-2004-0488).

---------------------------------------------------------------------
* Thu Jul 01 2004 Joe Orton <jorton@redhat.com> 2.0.50-1.0

- update to 2.0.50 (CVE CAN-2004-0488, CAN-2004-0493, #126864, #125047)
- mod_autoindex: don't truncate output on stat() failure (#126930)

---------------------------------------------------------------------
This update can be downloaded from:
    

a5786025381c7ddf245157d815db77df  SRPMS/httpd-2.0.50-1.0.src.rpm
72838969ae685149f394bd7aa22f1d1e  x86_64/httpd-2.0.50-1.0.x86_64.rpm
e8f54a359eb76fd784a76ab046f6a816  x86_64/httpd-devel-2.0.50-1.0.x86_64.rpm
ec851a779096d42208066a1284032f60  x86_64/httpd-manual-2.0.50-1.0.x86_64.rpm
542234c3e5c4d32b1f6bb5d511512f33  x86_64/mod_ssl-2.0.50-1.0.x86_64.rpm
e89824f441e4b12f1f21113665f8d334  x86_64/debug/httpd-debuginfo-2.0.50-1.0.x86_64.rpm
4ab7626097cc2715e39f153e151de084  i386/httpd-2.0.50-1.0.i386.rpm
57bb0c618a201a11f71fbd8f7421d445  i386/httpd-devel-2.0.50-1.0.i386.rpm
3e80b67e35b974659b38791838f7182e  i386/httpd-manual-2.0.50-1.0.i386.rpm
3c51c55cde33e0976ca30451342a6354  i386/mod_ssl-2.0.50-1.0.i386.rpm
82de5f02ed600ba4a489c0f96bb15d4d  i386/debug/httpd-debuginfo-2.0.50-1.0.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.

Fedora: 2,1: httpd Multiple vulnerabilities

July 22, 2004
This patch fixes a remotely triggerable memory leak and a buffer overflow vulnerability.

Summary

Apache is a powerful, full-featured, efficient, and freely-available

Web server. Apache is also the most popular Web server on the

Internet.

Apache is a powerful, full-featured, efficient, and freely-available

Web server. Apache is also the most popular Web server on the

Internet.

Update Information:

This update includes the latest stable release of Apache httpd 2.0, including security fixes for a remotely triggerable memory leak (CVE CAN-2004-0493), and a buffer overflow in mod_ssl which can be triggered only by a (trusted) client certificate with a long subject DN field (CVE CAN-2004-0488).

* Tue Jun 29 2004 Joe Orton <jorton@redhat.com> 2.0.50-2.1

- update to 2.0.50 - mod_autoindex: don't truncate output on stat() failure (#126930)

This update can be downloaded from:


88f76a8960e558ea9cd0f833ec26ecbf SRPMS/httpd-2.0.50-2.1.src.rpm b21369e9d1ad14bde9f8cdd474d4e576 x86_64/httpd-2.0.50-2.1.x86_64.rpm b31e0fc8d050a42ab13c82feedc01b1b x86_64/httpd-devel-2.0.50-2.1.x86_64.rpm d40fc1d0f89cc86ebec838639ba37ea1 x86_64/httpd-manual-2.0.50-2.1.x86_64.rpm 5fa5e5728b8dedc20b2704de1bd37840 x86_64/mod_ssl-2.0.50-2.1.x86_64.rpm 6e65479828eb9e8a4c7b2424ebf39495 x86_64/debug/httpd-debuginfo-2.0.50-2.1.x86_64.rpm da86a44426edabbadceae2d58fc0b1d5 i386/httpd-2.0.50-2.1.i386.rpm 000b8fc928195440856420091c33b9ec i386/httpd-devel-2.0.50-2.1.i386.rpm 4b062f1003cf3d203a408133e8f160c5 i386/httpd-manual-2.0.50-2.1.i386.rpm 92a8f9747563aa50abc842aba1d65bc3 i386/mod_ssl-2.0.50-2.1.i386.rpm aa1210b75b36033a7bc55b47a86e2539 i386/debug/httpd-debuginfo-2.0.50-2.1.i386.rpm

This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

CORE 1:

Fedora Update Notification FEDORA-2004-203 2004-07-19

Product : Fedora Core 1 Name : httpd Version : 2.0.50 Release : 1.0 Summary : Apache HTTP Server Description : Apache is a powerful, full-featured, efficient, and freely-available Web server. Apache is also the most popular Web server on the Internet.


This update includes the latest stable release of Apache httpd 2.0, including security fixes for a remotely triggerable memory leak (CVE CAN-2004-0493), and a buffer overflow in mod_ssl which can be triggered only by a (trusted) client certificate with a long subject DN field (CVE CAN-2004-0488).

* Thu Jul 01 2004 Joe Orton <jorton@redhat.com> 2.0.50-1.0

- update to 2.0.50 (CVE CAN-2004-0488, CAN-2004-0493, #126864, #125047) - mod_autoindex: don't truncate output on stat() failure (#126930)

This update can be downloaded from:


a5786025381c7ddf245157d815db77df SRPMS/httpd-2.0.50-1.0.src.rpm 72838969ae685149f394bd7aa22f1d1e x86_64/httpd-2.0.50-1.0.x86_64.rpm e8f54a359eb76fd784a76ab046f6a816 x86_64/httpd-devel-2.0.50-1.0.x86_64.rpm ec851a779096d42208066a1284032f60 x86_64/httpd-manual-2.0.50-1.0.x86_64.rpm 542234c3e5c4d32b1f6bb5d511512f33 x86_64/mod_ssl-2.0.50-1.0.x86_64.rpm e89824f441e4b12f1f21113665f8d334 x86_64/debug/httpd-debuginfo-2.0.50-1.0.x86_64.rpm 4ab7626097cc2715e39f153e151de084 i386/httpd-2.0.50-1.0.i386.rpm 57bb0c618a201a11f71fbd8f7421d445 i386/httpd-devel-2.0.50-1.0.i386.rpm 3e80b67e35b974659b38791838f7182e i386/httpd-manual-2.0.50-1.0.i386.rpm 3c51c55cde33e0976ca30451342a6354 i386/mod_ssl-2.0.50-1.0.i386.rpm 82de5f02ed600ba4a489c0f96bb15d4d i386/debug/httpd-debuginfo-2.0.50-1.0.i386.rpm

This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.

Change Log

References

CORE 2: Fedora Update Notification FEDORA-2004-204 2004-07-19 Product : Fedora Core 2 Name : httpd Version : 2.0.50 Release : 2.1 Summary : Apache HTTP Server Description : Apache is a powerful, full-featured, efficient, and freely-available Web server. Apache is also the most popular Web server on the Internet.

Update Instructions

Severity
Product : Fedora Core 2
Name : httpd
Version : 2.0.50
Release : 2.1
Summary : Apache HTTP Server
Product : Fedora Core 1
Name : httpd
Version : 2.0.50
Release : 1.0
Summary : Apache HTTP Server

Related News

30.Lock Globe Motherboard Esm H320
1 - 2 min read
As cybersecurity practitioners, we are no strangers to the constant threat of malicious actors and the importance of remaining vigilant to protect
22.Lock ScreenEffect Esm H320
1 - 2 min read
EndeavorOS Gemini is a captivating and charming desktop operating system based on Arch Linux. The new release includes a kernel upgrade, 3D graphics
25.@Sign Hook Keyboard Esm H320
1 min read
Cyber risk is increasing for individuals and organizations, making flexible and robust solutions for identifying spam and malware increasingly
19.Laptop Bed Esm H320
2 - 3 min read
The recently released Linux Kernel 6.9 brings forth a blend of crucial upgrades and enhancements, catering to the ever-evolving needs of the Linux
4.Lock AbstractDigital Esm H320
1 - 2 min read
Nmap 7.95 introduces myriad enhancements, primarily focusing on OS and service detection signatures. This reflects the dedication of the Nmap
5.ShakingHands Esm H320
3 - 5 min read
There has been a promising shift in the tech industry, with major companies pledging to release products with built-in security features. This
18.WifiCutout Landscape Esm H320
2 - 3 min read
A novel attack called TunnelVision has been discovered. It compromises the security of virtually all VPN apps, rendering their purpose useless. The
21.Globe RadiatingCode Esm H320
2 - 3 min read
The recent discovery of a backdoor in XZ Utils , a widely used Linux tool, raises concerns about the security of the open-source ecosystem. While

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved