From:	 Eridani Star System <linux@eridani.co.uk>
To:	 eridani-announce@eridani.co.uk
Subject: [Eridani-Announce] ERISA-2002:006 - mod_ssl buffer overflow
Date:	 Thu, 7 Mar 2002 18:41:13 +0000 (GMT)

=========================================================================
		ERIDANI LINUX - SECURITY ANNOUNCEMENT
=========================================================================

Package:	apache
Summary:	Security fix (buffer overflow) and version upgrade
Date:		2002-03-07
ID:		ERISA-2002:006

=========================================================================

Problem description:
  mod_ssl used by Apache uses OpenSSL for its SSL implementation.  The
  versions prior to this release made use of the OpenSSL library in such
  a way which could overflow a buffer within that implementation.

-------------------------------------------------------------------------
Updated packages:

  b9cee07468e443b1b655187ec20963db  apache-1.3.23-1.src.rpm

  8b8b09c3392db10b0313bc87d0ec3052  apache-1.3.23-1.i386.rpm
  19cccc61b59e5b5070f4d74edf654949  apache-devel-1.3.23-1.i386.rpm
  d5864e73e76ce33f6e60d402a690c6dc  apache-manual-1.3.23-1.i386.rpm
  ac1c18a7ef17d11f336cd940a1ae49e6  mod_ssl-2.8.7-1.i386.rpm

-------------------------------------------------------------------------
References:

  http://online.securityfocus.com/archive/1/258646

=========================================================================

Packages available from ftp://ftp.eridani.co.uk/pub/Aeryn/
or by HTTP from http://ftp.eridani.co.uk/

Packages are signed with our GnuPG key, also on our FTP site.

Copyright (C)2002 Eridani Star System

-- Michael "Soruk" McConnell                       http://www.eridani.co.uk
Eridani Linux  --  The Most Up-to-Date Red Hat-based Linux CDROMs Available
Email: linux@eridani.co.uk -- Also Debian, Slackware, Mandrake and more...


_______________________________________________
Eridani-Announce mailing list
To be removed from this list email linux@eridani.co.uk requesting removal.