2010年2月 3日

[installer 2232] apache-1.3.42

apache-1.3.42 が出ています。

mod_proxy のセキュリティホールの修正が含まれています。
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0010
http://site.pi3.com.pl/adv/mod_proxy.txt
参照のこと。

☆ apache-1.3.42

http://httpd.apache.org/
http://www.apache.org/dist/httpd/Announcement1.3.html
http://www.apache.org/dist/httpd/apache_1.3.42.tar.gz

Changes with Apache 1.3.42

*) SECURITY: CVE-2010-0010 (cve.mitre.org)
mod_proxy: Prevent chunk-size integer overflow on platforms
where sizeof(int) < sizeof(long). Reported by Adam Zabrocki.
[Colm MacCárthaigh]

*) IMPORTANT: This is the final release of Apache httpd 1.3.
Apache httpd 1.3 has reached end of life, as of January 2010.
No further releases of this software will be made, although critical
security updates may be made available as patches from the following
website:

http://www.apache.org/dist/httpd/patches/

Apache 1.3.x users who wish to avail of security releases,
bug-fixes and community support are advised to use Apache 2.2
or higher.

Information on upgrading is available from the following website:

http://httpd.apache.org/docs/2.2/upgrading.html

Thank you to everyone who helped make Apache 1.3.x the most
successful, and most used, webserver software on the planet!
[Apache httpd group]

*) Protect logresolve from mismanaged DNS records that return
blank/null hostnames. [Jim Jagielski]

----
こがよういちろう


投稿者 xml-rpc : 2010年2月 3日 14:25
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/93027
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。