As the person who found and has thoroughly tested this bug, I can confirm
firsthand that this isn't just a case of apache being vulnerable with -F! I
specifically mentioned using the init script in the original report over a
month ago, not -F. That is, the circumstances required to exploit this
**
*Are you searching for a Partner? / For you / your Son/ Daughter/ Sister/
Brother/ Relative / Friend / Neighbor?*
Forget all your troubles, Discard all your worries. Here is happy news for
you!
We welcome you to *m4me.com*. Let us introduce ourselves.
*m4me.com* is a private and
Am Mittwoch, den 28.02.2007, 19:45 -0800 schrieb Russ Allbery:
Daniel Leidert [EMAIL PROTECTED] writes:
Package: apache
Followup-For: Bug #357561
Why isn't anybody of the official maintainers reacting or commenting on
this bug? There are 3(!) completely undocumented downgrades of a
Joey Hess wrote:
On the third hand, this bug has documented a security hole with exploit
in apache for about 2 weeks without any reaction from its maintainers,
and was open for many months before that without any reaction from them.
If apache isn't being maintained, it might be better to drop
4 matches
Mail list logo