Can someone clarify for me, please (not directly debian related, I know,
but...) - the patches appear to only be to the chunk-encoding functions
in mod_proxy. If mod_proxy isn't loaded, is apache still vulnerable?
KJL
On Thu, 2002-06-20 at 20:30, Paul Hosking wrote:
> On Wed, 2002-06-19 at 06:57
I've had this problem before with apache spontaneously seg faulting when
trying to execute it. I know we all hate killing the uptime but if I
rebooted it would solve the problem.
brendan
John Foster wrote:
John Foster wrote:
Well. I had been having some wierd issues with Apache since m
On Sat, 22 Jun 2002 16:45:05 -0400
"Phillip Hofmeister" <[EMAIL PROTECTED]> wrote:
> On Sat, Jun 22, 2002 at 09:07:37PM +0100, Matthew Sackman wrote:
> > If you could draw up a list of packages that needs to be dealt with by
> > this new system then I would be glad to work through them in a couple
On Sat, Jun 22, 2002 at 12:21:12AM -0500, Steve Langasek wrote:
> Hello Matthew,
>
> I'm glad to see others thinking along the same lines. However,
> precisely because of the nature of the issues surrounding such packages
> -- the need for frequent updates even when running stable, the fact that
On Sat, Jun 22, 2002 at 09:07:37PM +0100, Matthew Sackman wrote:
> If you could draw up a list of packages that needs to be dealt with by
> this new system then I would be glad to work through them in a couple of
> weeks and work out which files are the ones that need new packages
> creating for th
On Sat, Jun 22, 2002 at 07:50:07PM +0200, Dietmar Goldbeck wrote:
> It is very difficult to help you without error messages, since there
> shouldn't be a problem. openssh 3.0.2 and 3.2.3 play perfectly well
> with each other.
There weren't any error messages, otherwise I would have provided them.
On Sat, Jun 22, 2002 at 08:27:58AM -0500, Steve Langasek wrote:
> On Sat, Jun 22, 2002 at 06:24:39PM +1200, Nick Phillips wrote:
> > On Sat, Jun 22, 2002 at 12:21:12AM -0500, Steve Langasek wrote:
>
> > > I think it shouldn't be /too/ hard to find other developers interested
> > > in working on th
John Foster wrote:
>
> Well. I had been having some wierd issues with Apache since my last
> upgrade in Woody. I decided to go ahead and get the new security
> upgrades. No problem with the install but I am now getting these
> messages when I try to start Apache. Any suggestions as my server i
Well. I had been having some wierd issues with Apache since my last
upgrade in Woody. I decided to go ahead and get the new security
upgrades. No problem with the install but I am now getting these
messages when I try to start Apache. Any suggestions as my server is
down completely at present.
On Sat, Jun 22, 2002 at 02:20:20AM -0500, Rob VanFleet wrote:
> I am trying to use RSA authentication between different machines, but
> I'm running into trouble between machines running different versions of
> ssh.
>
> Machine A is running unstable with OpenSSH 3.0.2p1, and it is trying to
> conne
> Run apt-get update first, or use a mirror where it's been
> uploaded like ftp.us.debian.org
I still couldn't pull it via an apt-get update/upgrade, so I used wget:
# wget
ftp://ftp.us.debian.org/debian/pool/main/a/apache/apache_1.3.26-0woody1_
i386.deb
# wget
ftp://ftp.us.debian.org/debian/poo
>I have said it before and I will say it again. If security is highly
>important to you, run "stable". If you want to run a non-released version on
>an important server, do so at your own risk (knowing it will take a while to
>get security updates).
>
>Look at it this way, watching bugtraq thi
Previously Martin WHEELER wrote:
> [EMAIL PROTECTED]:~# apt-get -t unstable install apache apache-common
> Reading Package Lists... Done
> Building Dependency Tree... Done
> Sorry, apache is already the newest version.
> Sorry, apache-common is already the newest version.
> 0 packages upgraded, 0 n
On Sat, 22 Jun 2002 13:22:19 + (UTC)
Martin WHEELER <[EMAIL PROTECTED]> wrote:
>
>
> > I've installed unstable packages on woody, it runs fine.
> >
> > apt-get -t unstable install apache apache-common
>
> [EMAIL PROTECTED]:~# apt-get -t unstable install apache apache-common
> Reading Packag
Hi,
You did remember to do an update didn't you? What version of the
package do you have installed?
$ dpkg -l apache
Tim
On Sat, Jun 22, 2002 at 01:22:19PM +, Martin WHEELER wrote:
> On Sat, 22 Jun 2002, Alain Tesio wrote:
>
> > I've installed unstable packages on woody, it runs fine.
> >
On Sat, Jun 22, 2002 at 06:24:39PM +1200, Nick Phillips wrote:
> On Sat, Jun 22, 2002 at 12:21:12AM -0500, Steve Langasek wrote:
> > I think it shouldn't be /too/ hard to find other developers interested
> > in working on this...
> For example, I intend in the near-ish future to make up-to-date m
On Sat, 22 Jun 2002, Alain Tesio wrote:
> I've installed unstable packages on woody, it runs fine.
>
> apt-get -t unstable install apache apache-common
[EMAIL PROTECTED]:~# apt-get -t unstable install apache apache-common
Reading Package Lists... Done
Building Dependency Tree... Done
Sorry, apach
On 22 Jun 2002 03:20:53 +0200
Guille -bisho- <[EMAIL PROTECTED]> wrote:
> I'm worried about the serious bug found in Apache reciently.
>
> Debian currently has only provided a patch for the stable version.
> Anybody knows were I can get preliminar packages or something like that
> of apache 1.3.2
Hi,
> Any ideas as to how to make the different versions understand each
> other?
Well I already encountered this. In fact upgrading the oldest openssh
solved the problem.
Good luck,
Phil
--
Philippe Hétroy, [EMAIL PROTECTED]
http://solaire.dyndns.org/
"A successful tool is one that was used t
I am trying to use RSA authentication between different machines, but
I'm running into trouble between machines running different versions of
ssh.
Machine A is running unstable with OpenSSH 3.0.2p1, and it is trying to
connect to machine B running stable, with a compiled from source ssh,
version 3
On Sat, Jun 22, 2002 at 03:55:46PM +1200, Matthew Grant wrote:
> o It is placed in non-US, as the security scanning software uses
> encryption in lots of places.
Uh, crypto is allowed to go on ftp-master now, since we've got all the
US government's notification requirements handled. It's better fo
On Sat, Jun 22, 2002 at 12:21:12AM -0500, Steve Langasek wrote:
> I think it shouldn't be /too/ hard to find other developers interested
> in working on this...
For example, I intend in the near-ish future to make up-to-date mailscanner
.debs available whether or not any other bunch of packages d
On Sat, Jun 22, 2002 at 03:20:53AM +0200, Guille -bisho- wrote:
>
> I'm worried about the serious bug found in Apache reciently.
>
> Debian currently has only provided a patch for the stable version.
> Anybody knows were I can get preliminar packages or something like that
> of apache 1.3.26?
>
This message is just to measure the delay between posting a message to a
Debian list, and having it cached on groups.google.com
Thank you for your patience :)
--
\ David B. Harris, Systems administrator | http://www.ter
Hello Matthew,
I'm glad to see others thinking along the same lines. However,
precisely because of the nature of the issues surrounding such packages
-- the need for frequent updates even when running stable, the fact that
this data should *not* be shipped on CDs, the relatively small mirror
requ
25 matches
Mail list logo