On Thu, Jul 01, 2004 at 12:51:49AM -0500, Albert Chin wrote: > On Wed, Jun 30, 2004 at 10:59:01PM -0500, Edward Rudd wrote: > > On Wed, 30 Jun 2004 20:58:32 -0500, Albert Chin wrote: > > > > > If 2.0.50 addresses "one security vulnerability", why are two listed? > > > I thought CAN-2004-0488 was for 1.3.x? > > > > Someone probably miscounted.. And CAN-2004-0488 applied to mod_ssl for > > 1.3.x AND for mod_ssl in 2.0.x. > > Ok, thanks. I presume the patch below fixes CAN-2004-0488.
Yes, that's right, ssl_engine_kernel.c r1.105->r1.106 is all that's needed. joe
