[SECURITY] Fedora Core 2 Update: httpd-2.0.50-2.1

Joe Orton jorton at redhat.com
Mon Jul 19 18:53:10 UTC 2004 

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-204
2004-07-19
---------------------------------------------------------------------

Product     : Fedora Core 2
Name        : httpd
Version     : 2.0.50                      
Release     : 2.1                  
Summary     : Apache HTTP Server
Description :
Apache is a powerful, full-featured, efficient, and freely-available
Web server. Apache is also the most popular Web server on the
Internet.

---------------------------------------------------------------------
Update Information:

This update includes the latest stable release of Apache httpd 2.0,
including security fixes for a remotely triggerable memory leak 
(CVE CAN-2004-0493), and a buffer overflow in mod_ssl which can be
triggered only by a (trusted) client certificate with a long subject
DN field (CVE CAN-2004-0488).

---------------------------------------------------------------------
* Tue Jun 29 2004 Joe Orton <jorton at redhat.com> 2.0.50-2.1

- update to 2.0.50
- mod_autoindex: don't truncate output on stat() failure (#126930)

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

88f76a8960e558ea9cd0f833ec26ecbf  SRPMS/httpd-2.0.50-2.1.src.rpm
b21369e9d1ad14bde9f8cdd474d4e576  x86_64/httpd-2.0.50-2.1.x86_64.rpm
b31e0fc8d050a42ab13c82feedc01b1b  x86_64/httpd-devel-2.0.50-2.1.x86_64.rpm
d40fc1d0f89cc86ebec838639ba37ea1  x86_64/httpd-manual-2.0.50-2.1.x86_64.rpm
5fa5e5728b8dedc20b2704de1bd37840  x86_64/mod_ssl-2.0.50-2.1.x86_64.rpm
6e65479828eb9e8a4c7b2424ebf39495  x86_64/debug/httpd-debuginfo-2.0.50-2.1.x86_64.rpm
da86a44426edabbadceae2d58fc0b1d5  i386/httpd-2.0.50-2.1.i386.rpm
000b8fc928195440856420091c33b9ec  i386/httpd-devel-2.0.50-2.1.i386.rpm
4b062f1003cf3d203a408133e8f160c5  i386/httpd-manual-2.0.50-2.1.i386.rpm
92a8f9747563aa50abc842aba1d65bc3  i386/mod_ssl-2.0.50-2.1.i386.rpm
aa1210b75b36033a7bc55b47a86e2539  i386/debug/httpd-debuginfo-2.0.50-2.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  
---------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/announce/attachments/20040719/59950a98/attachment.bin

More information about the announce mailing list