On 04/ 2/10 02:07 PM, Ken Mays wrote:
Mark, Thanks for that update. I filed a separate bug for the update to Apache 2.2.15 which is also affected - since IPS 134 has Apache 2.2.14 and I didn't see the update in SFW yet. This affects the current Oracle Sun Web Stack as well (currently Apache 2.2.14).
Ok. Don't be surprised if its closed as a dup of an existing CR. I imagine the Apache team (like the OpenSSL team) tracks sec vulnerabilities in upstream code very closely.
Thanks, -M _______________________________________________ indiana-discuss mailing list indiana-discuss@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/indiana-discuss