On Thu, Jun 20, 2002 at 01:29:04PM +1000, John wrote: | There's now an exploit in the wild for Apache (the chunked whatever | bug). The DSA mentions an update which is version 1.3.9-14.1 | | We need a version > 1.2.12, and are running 1.3.23 from woody. Is there | any idea where a patched 1.3.23 for woody might be? Or should I install | from source from apache.org?
Woody currently has 1.3.24-3 (as does sid). (at least, according to
the mirror I use)
Nonetheless, the DSA says it affects 64-bit architectures. It sounds
like if you're not using a 64-bit system (eg SPARC or ia64) then you
aren't vulnerable.
<quote>
... might allow arbitrary code execution on 64 bit architectures.
</quote>
-D
--
A violent man entices his neighbor
and leads him down a path that is not good.
Proverbs 16:29
http://dman.ddts.net/~dman/
pgpiGdokHtzQR.pgp
Description: PGP signature
