![[LWN Logo]](/images/lcorner.png) |
|
![[Timeline]](/images/Included.png) |
Date: Wed, 25 Oct 2000 16:43:46 -0700
Subject: [IMNX-2000-042-01] Immunix OS Security Update for apache and php
To: BUGTRAQ@SECURITYFOCUS.COM
--QNDPHrPUIc00TOLW
Content-Type: text/plain; charset=us-ascii
Content-Disposition: attachment; filename=IMNX-2000-042-01
-----------------------------------------------------------------------
Immunix OS Security Advisory
Packages updated: apache, apache-devel, apache-manual, auth_ldap,
mod_perl, php-3, php-imap-3, php-ldap-3,
php-manual-3, php-pgsql-3
Date: October 25, 2000
Advisory ID: IMNX-2000-042-01
Author: Greg Kroah-Hartman <greg@wirex.com>
-----------------------------------------------------------------------
Description:
Redhat has put out an update to the apache package that fixes some
vulnerabilities in the mod_rewrite module, and a problem in the
virtual hosting facilities. They have also released an update to the
php3 package, fixing a potential exploit with a format string problem
in that package. See
http://www.redhat.com/support/errata/RHSA-2000-088-04.html for more
information.
Immunix has released the following packages for Immunix OS 6.2
(StackGuarded versions of the RedHat packages.)
Note, this advisory supersedes the previous Immunix OS advisory for
apache that was also released on October 25, 2000. No advisory id was
given for that release, as this is the first numbered advisory (thanks
to Kurt Seifried of securityportal.com for getting me to change this
behavior.)
Package names and locations:
Precompiled binary packages for Immunix 6.2 are available at:
http://www.immunix.org:8080/ImmunixOS/6.2/updates/RPMS/apache-1.3.14-2.6.2_StackGuard.i386.rpm
http://www.immunix.org:8080/ImmunixOS/6.2/updates/RPMS/apache-devel-1.3.14-2.6.2_StackGuard.i386.rpm
http://www.immunix.org:8080/ImmunixOS/6.2/updates/RPMS/apache-manual-1.3.14-2.6.2_StackGuard.i386.rpm
http://www.immunix.org:8080/ImmunixOS/6.2/updates/RPMS/auth_ldap-1.4.0-3_StackGuard.i386.rpm
http://www.immunix.org:8080/ImmunixOS/6.2/updates/RPMS/mod_perl-1.23-3_StackGuard.i386.rpm
http://www.immunix.org:8080/ImmunixOS/6.2/updates/RPMS/php-3.0.17-1.6.2_StackGuard.i386.rpm
http://www.immunix.org:8080/ImmunixOS/6.2/updates/RPMS/php-imap-3.0.17-1.6.2_StackGuard.i386.rpm
http://www.immunix.org:8080/ImmunixOS/6.2/updates/RPMS/php-ldap-3.0.17-1.6.2_StackGuard.i386.rpm
http://www.immunix.org:8080/ImmunixOS/6.2/updates/RPMS/php-manual-3.0.17-1.6.2_StackGuard.i386.rpm
http://www.immunix.org:8080/ImmunixOS/6.2/updates/RPMS/php-pgsql-3.0.17-1.6.2_StackGuard.i386.rpm
Source packages for Immunix 6.2 are available at:
http://www.immunix.org:8080/ImmunixOS/6.2/updates/SRPMS/apache-1.3.14-2.6.2_StackGuard.src.rpm
http://www.immunix.org:8080/ImmunixOS/6.2/updates/SRPMS/auth_ldap-1.4.0-3_StackGuard.src.rpm
http://www.immunix.org:8080/ImmunixOS/6.2/updates/SRPMS/mod_perl-1.23-3_StackGuard.src.rpm
http://www.immunix.org:8080/ImmunixOS/6.2/updates/SRPMS/php-3.0.17-1.6.2_StackGuard.src.rpm
md5sums of the packages:
705d663b8138deb44683e5fc09a33352 apache-1.3.14-2.6.2_StackGuard.i386.rpm
bb57ef75304f86b94ef8dcc3c19e53d1 apache-devel-1.3.14-2.6.2_StackGuard.i386.rpm
c38c180f0a4b8654c982d9b55a6c955e apache-manual-1.3.14-2.6.2_StackGuard.i386.rpm
fea5e8cf5fe1141fa6edb0061a4faa32 auth_ldap-1.4.0-3_StackGuard.i386.rpm
464e5dd88e2dca51183f3c45f574372e mod_perl-1.23-3_StackGuard.i386.rpm
2159fc9100ecafe5e42c61dfe65bb426 php-3.0.17-1.6.2_StackGuard.i386.rpm
646d80c45e12ad615a1823a5c8226c7c php-imap-3.0.17-1.6.2_StackGuard.i386.rpm
e17818313e2a8b4fe86470b829fb189c php-ldap-3.0.17-1.6.2_StackGuard.i386.rpm
4c553b0a437e8ccc5ca420332c71017e php-manual-3.0.17-1.6.2_StackGuard.i386.rpm
57cf12777a542017d952bdf558a14733 php-pgsql-3.0.17-1.6.2_StackGuard.i386.rpm
7715fa21cfae8fc7360d5543427ba729 apache-1.3.14-2.6.2_StackGuard.src.rpm
f718507913ed320d14fa166f1192ddc9 auth_ldap-1.4.0-3_StackGuard.src.rpm
8fe49a8a67092698cc5c74839a087acb mod_perl-1.23-3_StackGuard.src.rpm
cbe4a2c0f40e84776895f80276a51dc2 php-3.0.17-1.6.2_StackGuard.src.rpm
--QNDPHrPUIc00TOLW
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE593AyAl5ylTeuKpURAgG1AKCMkg5RZ/olifsQ8GEPZi3ODbGFqgCgklvm
Wlgyl3a5KdwFIuBZiqHQhXM=
=1BJi
-----END PGP SIGNATURE-----
--QNDPHrPUIc00TOLW--