On Fri, 20 Sep 2002 [EMAIL PROTECTED] wrote:
> > I've just upgraded OpenSSL 0.9.6d to 0.9.6g on FreeBSD, but Apache
> > says that it's running OpenSSL 0.9.6a! Where is this version number
> > and how to change it?
>
> to get it right, you should recomplie apache and php to show the correct
> ver
On Mon, 16 Sep 2002, Ivelin Ivanov wrote:
> http://www.modssl.org/contrib/ftp/contrib/Apache-2.0.39-Mod_SSL-OpenSSL-0.9.
> 6d-Win32.zip
Absolutely positively *do not* use this version. Apache 2.0.39 has
serious vulnerabilities on Win32, and OpenSSL 0.9.6d has serious
vulnerabilities on any plat
Thanks John for your reply. Yes I want to
alias directories. Basically I have a directory structure n deep and I
have to reference common directories, but I don't
want to do this relatively (e.g ../.../../TargetDirectory). I want to use
absolute
directories using the Alias command/dire
Hi,
The following message occurred about 11 times in the ssl error log in a space of about
40 minutes, during which time no other activity was reported in the logs.
"Attempt to free unreferenced scalar during global destruction"
The apache_1.3.26/mod_ssl-2.8.10-1.3.26/openssl-0.9.6g server h
Martin Nyberg writes:
> Hi !
>
> I've just upgraded OpenSSL 0.9.6d to 0.9.6g on FreeBSD, but Apache says
> that it's running OpenSSL 0.9.6a!
>
> Where is this version number and how to change it?
>
> I read somewhere in the archive that a solution might be to recompile
> PHP... But what
Martin,
Actually, you may need to recompile Apache (w/ PHP if you need that.)
When building Apache from sources, you have to specify where the OpenSSL
libraries are installed. If you happened to not use the ones specified
by the RPM and used OpenSSL sources, upgrading the RPM will not help you
a
Hi !
I've just upgraded OpenSSL 0.9.6d to 0.9.6g on FreeBSD, but Apache says
that it's running OpenSSL 0.9.6a!
Where is this version number and how to change it?
I read somewhere in the archive that a solution might be to recompile
PHP... But what does PHP have to do with Apache (something I
Due to unaviodable circumstances, I am away from the office until the Monday 30th
September 2002
I will get back to you as soon as i can on my return.
If it's an urgent Online Learning Support Unit / Web/ MUBSWEB/ MUBS Online matter
that requires urgent attention then please contact either K
On Fri, Sep 20, 2002 at 09:20:41AM -0700, David Buerer wrote:
> I feel like an idiot this morning...but not more than six months ago I
> installed apache+openssl+modssl on an NT machine and I downloaded the binary
> build from somewhere. For the life of me thought, I can not find the site!
> Anyo
Are you looking for the apache site?
apache.org is the place to start? they have links to any other apache
related projects from there.
- Original Message -
From:
David
Buerer
To: '[EMAIL PROTECTED]'
Sent: Friday, September 20, 2002 12:20
PM
Subject: Windows
I feel like an idiot
this morning...but not more than six months ago I installed
apache+openssl+modssl on an NT machine and I downloaded the binary build from
somewhere. For the life of me thought, I can not find the site! Anyone
have any ideas? I am trying to find an updated version with
Title: http + https
I’m trying to configure my server to use SSL just for requests to a specific directory.
I’ve read the manuals, installed mod_ssl + certificate and all seemed to be working fine,
HTTP access to the server at large goes ahead and http accesses to the ‘secured’ directory are
I'm running 1.3.26; I re-tried the opensa precompiled apache and used their
httpd.conf vice mine and I think I may have narrowed it down to an
incompatibility with the mod_ntlm.so module that I'm loading in my
httpd.conf. If I don't load that module I can get it to run on NT 4.0. Why
it's causing
Apache 1.3.26, which comes with the OpenSA release I referred to.
- Geoff
> -Original Message-
> From: Paul Bleimeyer [mailto:[EMAIL PROTECTED]]
> Sent: Thursday, September 19, 2002 6:42 PM
> To: [EMAIL PROTECTED]
> Subject: RE: Mod_SSL_2.8.10 and OpenSSL_0.9.6g
>
>
> Geoff,
>
> Are y
Hi,
I have a problem using Apache/mod_ssl 2.0.39 as a SSL reverse proxy to
connect to a SSL Server.
|HTTP Client|-http>|Reverse Proxy|https>|Web Server|
There is a Client Certificate on the Reverse Proxy which must be presented
to the Web Server for authentication. But I
> The previous openssl errata at
> http://rhn.redhat.com/errata/RHSA-2002-160.html has no mention of the
> buffer overflows fixed on July 30th. This package was built on August
> 1st, so it is unlikely to include the 0.9.6d patches due to the time lag
> of testing patches by Red Hat.
On the www.r
So why do your telephone support people not know about this? They advised me
to log it on bugzilla in the first place. Why isn't this page linked to from
your errata site? That's where people look for updates. Why no information
to CERT or Bugtraq?
You're beginning to make Microsoft look professi
Further to my previous posting, I have been informed by Red Hat of the
following:
"http://rhn.redhat.com/errata/RHSA-2002-155.html was released on the 29th of
July
and fixed the vulnerability that the Linux Slapper worm takes advantage of.
We
released a new version of OpenSSL a little later that
On Fri, Sep 20, 2002 at 11:07:18AM +0100, [EMAIL PROTECTED] wrote:
> The previous openssl errata at
> http://rhn.redhat.com/errata/RHSA-2002-160.html has no mention of the buffer
> overflows fixed on July 30th. This package was built on August 1st, so it is
> unlikely to include the 0.9.6d patches
You can disregard the following email if you don't use Red Hat Linux 7.0 and
above.
Having waited for an update to openssl from RedHat, I decided to call them.
They've not had anyone ask them for an update, which came as a bit of a
shock. I have therefore registered a request to release an update
20 matches
Mail list logo
