NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > FreeBSD Security> 2002-04

From: Barney Wolff (barneydatabus.com)
Date: Sat Apr 06 2002 - 13:32:43 CST

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I don't understand the status of "Not yet fixed." The advisory says
mod_ssl versions < 2.8.7 have the bug, while 2.8.8 is the port
distfile as of 3/28/02. What am I missing?

On Fri, Apr 05, 2002 at 07:12:24AM -0800, FreeBSD Security Advisories wrote:
> +------------------------------------------------------------------------+
> Port name: apache13-ssl, apache13-modssl
> Affected: all versions of apache+ssl
> all versions of apache+mod_ssl
> Status: Not yet fixed.
> Buffer overflows in SSL session cache handling.
> <URL:http://www.apache-ssl.org/advisory-20020301.txt>
> <URL:http://archives.neohapsis.com/archives/bugtraq/2002-02/0313.html>

-- Barney Wolff I never met a computer I didn't like.

To Unsubscribe: send mail to majordomoFreeBSD.org with "unsubscribe freebsd-security" in the body of the message

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]