Normally, I would say the answer is "yes, you need to download the source and build your own." Since I'm in the process of doing that myself, I'll have updated Apache and mod_ssl RPMs available this afternoon. I'll post a note as to where they can be obtained when I have them built.
Note that these will _not_ have been tested in any way. Install them first on a test machine, i.e., the usual drill for software from an unknown source. Mark Post -----Original Message----- From: Marist EDU [mailto:[EMAIL PROTECTED]] Sent: Monday, June 24, 2002 9:22 AM To: [EMAIL PROTECTED] Subject: Apache vulnerability on version 1.3.12 We are running SuSE 7.0 (kernel 2.2.16) on the 390 under z/VM. On of my co-workers ran across this article: http://www.infoworld.com/articles/hn/xml/02/06/20/020620hnapache.xml?0620thp m Basic problem is there's a security flaw in 1.3.12 and we need to get upgraded. I've checked www.apache.org for an RPM for the 390 but they haven't released it yet and there's no indication of how long it will be. Do we have to build from source and try to upgrade that way or does anyone out there have an RPM built with for the latest apache 1.3.26? Any help, suggestions, criticism is appreciated. Josh Konkol, CNE MCSE Senior Network Analyst GuideOne Insurance Mail Stop AB-1 515-267-2427 [EMAIL PROTECTED] .~. /V\ /( )\ ^^-^^