Hello,
When installing apache2.2 from binary packages in my OS ive seen that
it is dependant of theBerkeley DB package. Is this actually needed
by the apache core? or is it a result of enabling a certain module i
can actually disable??
Where could i get the list of dependencies for a minimal
Hello,
I have this configure line:
CONFIGURE_ARGS+=
--prefix=${HTTPD_DIR} \
--exec-prefix=${LOCALBASE} \
--sysconfdir=${CONFDIR} \
--with-apr=${LOCALBASE}/bin/apr-1-mt-config \
Hello,
Ive seen that 2.2.14 comes with a patch for the recent SSL
renegotiation vulnerability. Could anybody tell me if there is a patch
available for apache 2.2.13 .. iam not ready to update yet.
Thank you.
David
-
The
Hello,
A portion of our users are coming in our sites with a query string get var.
I want to read that VAR and convert it to a cookie for permanent use in the
future.
How do I read a get var and pass it to mod_headers ?
Btw, for those of you who wonder why we are not doing this with mod_rewrite
Greetings William,
On Thu, Sep 10, 2009 at 8:18 PM, William A. Rowe, Jr.
wr...@rowe-clan.netwrote:
No, you misinterpreted; the application developer must expose a DoS/memory
exhaustion vector; where that exists, and the affected version of APR
is used, and the information written to the
Hello,
I run apache 2.2.9 apache 2.2.11 both with apr-1.2.11p2
apr-util-1.2.10p2
According to the CVE at
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412 only 0.9.x and
1.3.x are affected . Could anybody confirm that this is so? If not.. how
bad is this vulnerability to a
Hello William.
You mentioned as far as APR causing a DoS, how about the execution of
arbitrary code through apache as the CVE says..?
Thank you
Daniel
On Thu, Sep 10, 2009 at 6:54 PM, William A. Rowe, Jr.
wr...@rowe-clan.netwrote:
David Taveras wrote:
I run apache 2.2.9 apache 2.2.11
Hello,
I have a site that uses mod_rewrite for URLs... id like to include a
tracking cookie for users that are entering via URLs made by mod_rewrite.
The problem is that the cookie isnt getting passed through the mod_rewrite
URL.
Ive been told (and tested) that Apache2 mod_rewrite does indeed
Hello,
Iam still a user of apache 2.2.9 and wish to know what vulnerabilites this
version is exposed to aisde from: CVE-2008-2939
Is there any site, where I can get an accurate listing? CVE site seems
confusing and I just wonder if there is something more practical.
Thank you.
Daniel