"SDiZ \(UHome\)" <[EMAIL PROTECTED]> writes: >> The German publish Heise claims that this patch does not fix the >> vulnerability, see: >> >> http://www.heise.de/newsticker/data/pab-20.06.02-000/ >> >> But I hope this is an editorial error. :-/ >> > > Do you means the one-line patch from ISS ? > That patch don't work.
Yes, that's known, of course. > The one in apache offical 1.3.26 works. The article above claims that only this one works, a previous version explicitly claimed that the Debian fix was incorrect. -- Florian Weimer [EMAIL PROTECTED] University of Stuttgart http://CERT.Uni-Stuttgart.DE/people/fw/ RUS-CERT fax +49-711-685-5898 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]