From: John (isofronicc.uoi.gr)
Date: Thu Jul 28 2005 - 03:02:12 CDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Reto Inversini <inversinidatacomm.ch>
To: suse-securitysuse.com
Date: Wednesday, July 27, 2005, 11:02:54 PM
Subject: [suse-security] apache2 patch

  Wednesday, July 27, 2005, 11:02:54 PM, you wrote:

> John wrote:
>> hello all

> Hi John

>>
>> I noticed that /usr/sbin/httpd2-prefork has new timestamp (22/jul) but
>> the same size (in bytes) with the older one.

> AFAIK the patch was just a small one, the vulnerability is a off-by-one
> error in mod_ssl. What exactly has changed can be found here:

> http://svn.apache.org/viewcvs.cgi/httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c?rev=179781&view=diff&r1=179781&r2=179780&p1=httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c&p2=/httpd/httpd/trunk/modules/ssl/ssl_engine_kernel.c

>> Can anyone explain to me what does this mean?
>> How the patch has fit in that binary and the size remains the same?
>>

> If you want to be totally sure, if you have got the changed binary in
> your chroot environment calculate an md5 hash over the old and the new
> file, the md5sums should differ.

> Regards
> Reto

Ok, i saw that piece of code.
But how the binary be the same

YOU downloaded the apache2-prefork*.rpm and apache2-*.rpm

The above rpms installed at once. So the old binaries must have been
overwriten but they have the same size excactly.

md5sum outputs the hash of the file size
I will then receive the same hash for the old and the new binary
httpd2-prefork, won't i?

--
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]