From: Eridani Star System <linux@eridani.co.uk>
To: eridani-announce@eridani.co.uk
Subject: [Eridani-Announce] ERISA-2002:006 - mod_ssl buffer overflow
Date: Thu, 7 Mar 2002 18:41:13 +0000 (GMT)
=========================================================================
ERIDANI LINUX - SECURITY ANNOUNCEMENT
=========================================================================
Package: apache
Summary: Security fix (buffer overflow) and version upgrade
Date: 2002-03-07
ID: ERISA-2002:006
=========================================================================
Problem description:
mod_ssl used by Apache uses OpenSSL for its SSL implementation. The
versions prior to this release made use of the OpenSSL library in such
a way which could overflow a buffer within that implementation.
-------------------------------------------------------------------------
Updated packages:
b9cee07468e443b1b655187ec20963db apache-1.3.23-1.src.rpm
8b8b09c3392db10b0313bc87d0ec3052 apache-1.3.23-1.i386.rpm
19cccc61b59e5b5070f4d74edf654949 apache-devel-1.3.23-1.i386.rpm
d5864e73e76ce33f6e60d402a690c6dc apache-manual-1.3.23-1.i386.rpm
ac1c18a7ef17d11f336cd940a1ae49e6 mod_ssl-2.8.7-1.i386.rpm
-------------------------------------------------------------------------
References:
http://online.securityfocus.com/archive/1/258646
=========================================================================
Packages available from ftp://ftp.eridani.co.uk/pub/Aeryn/
or by HTTP from http://ftp.eridani.co.uk/
Packages are signed with our GnuPG key, also on our FTP site.
Copyright (C)2002 Eridani Star System
-- Michael "Soruk" McConnell http://www.eridani.co.uk
Eridani Linux -- The Most Up-to-Date Red Hat-based Linux CDROMs Available
Email: linux@eridani.co.uk -- Also Debian, Slackware, Mandrake and more...
_______________________________________________
Eridani-Announce mailing list
To be removed from this list email linux@eridani.co.uk requesting removal.