[SECURITY] Fedora Core 1 Test Update: httpd-2.0.51-1.1

Joe Orton jorton at redhat.com
Fri Sep 17 16:29:05 UTC 2004 

Please add any feedback from testing these packages to:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=132741

---------------------------------------------------------------------
Fedora Test Update Notification
FEDORA-2004-312
2004-09-17
---------------------------------------------------------------------

Product     : Fedora Core 1
Name        : httpd
Version     : 2.0.51                      
Release     : 1.1                  
Summary     : Apache HTTP Server
Description :
Apache is a powerful, full-featured, efficient, and freely-available
Web server. Apache is also the most popular Web server on the
Internet.

---------------------------------------------------------------------

This update includes the latest stable release of Apache httpd 2.0,
including fixes for possible denial of service issues in mod_ssl and
mod_dav_fs, and an privilege elevation attack for local users.

---------------------------------------------------------------------

* Wed Sep 15 2004 Joe Orton <jorton at redhat.com> 2.0.51-1.1

- update to 2.0.51, including security fixes for:
 * core: CAN-2004-0747
 * mod_dav_fs: CAN-2004-0809
 * mod_ssl: CAN-2004-0751, CAN-2004-0748

* Thu Jul 01 2004 Joe Orton <jorton at redhat.com> 2.0.50-1.0

- update to 2.0.50 (CVE CAN-2004-0488, CAN-2004-0493, #126864, #125047)
- mod_autoindex: don't truncate output on stat() failure (#126930)

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/testing/1/

642d77814c7dc35df5712378ef633f21  SRPMS/httpd-2.0.51-1.1.src.rpm
55214981f0eef135ba34eab2723e49b3  x86_64/httpd-2.0.51-1.1.x86_64.rpm
66be67022f1ccf365ac294a88da21ff9  x86_64/httpd-devel-2.0.51-1.1.x86_64.rpm
d0cdd881b5a566b878434ac56b53e51d  x86_64/httpd-manual-2.0.51-1.1.x86_64.rpm
ba00b408c0119e32f34157340d8294b2  x86_64/mod_ssl-2.0.51-1.1.x86_64.rpm
41e453cef41c19caf5fcbd3a9bbe0666  x86_64/debug/httpd-debuginfo-2.0.51-1.1.x86_64.rpm
ec0eb8af7cc9b6cc75da6852b3eb8296  i386/httpd-2.0.51-1.1.i386.rpm
d7a033b29c3767521919ac366a4f3355  i386/httpd-devel-2.0.51-1.1.i386.rpm
d7900fe46e9aece2c736a34babeb0ab5  i386/httpd-manual-2.0.51-1.1.i386.rpm
f6826cf1089a845c50164850cadbd596  i386/mod_ssl-2.0.51-1.1.i386.rpm
ffb638210db155b4b5710113373d27f1  i386/debug/httpd-debuginfo-2.0.51-1.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.  You may 
need to edit your up2date channels configuration.  Within 
/etc/sysconfig/rhn/sources enable the following line: 
yum updates-testing http://fedora.redhat.com/updates/testing/fedora-core-1
---------------------------------------------------------------------

More information about the test mailing list