John Iliffe schrieb:
On Thursday 24 May 2012 13:05:10 Luke Lozier wrote:
One of the PCI scanning companies is demanding an upgrade to 2.4.2 due
to the issues described in this CVE: Changes with Apache 2.2.23
*) SECURITY: CVE-2012-0883 (cve.mitre.org)
envvars: Fix insecure handling
On Friday 25 May 2012 03:05:20 Hendrik Schmieder wrote:
John Iliffe schrieb:
On Thursday 24 May 2012 13:05:10 Luke Lozier wrote:
One of the PCI scanning companies is demanding an upgrade to 2.4.2
due to the issues described in this CVE: Changes with Apache 2.2.23
*) SECURITY:
One of the PCI scanning companies is demanding an upgrade to 2.4.2 due to the
issues described in this CVE:
Changes with Apache 2.2.23
*) SECURITY: CVE-2012-0883 (cve.mitre.org)
envvars: Fix insecure handling of LD_LIBRARY_PATH that could lead to the
current working directory to be
I got caught the same way in March (re PCI scanning). Guess my guy is more
up to date than yours!
There should be no reason that I found not to update to 2.4.2 BUT BE
CAREFUL OF THE CONFIG FILE CHANGES! For example the order deny allow
format directives no longer work in 2.4.*. There are a
The upgrade to 2.4.2 is non-trivial in my environment (particularly due to the
config changes) and if 2.2.23 is going to patch it, I'd just as soon wait. Thus
the request for some guess at release date.
But that's likely not forthcoming, so I'll reconsider the upgrade.
---
Bibliopolis, LLC
On May 24, 2012 13:05 , Luke Lozier l...@bibliopolis.com wrote:
One of the PCI scanning companies is demanding an upgrade to 2.4.2 due
to the issues described in this CVE:
Changes with Apache 2.2.23
*) SECURITY: CVE-2012-0883 (cve.mitre.org http://cve.mitre.org)
envvars: Fix insecure
On 5/24/2012 12:05 PM, Luke Lozier wrote:
One of the PCI scanning companies is demanding an upgrade to 2.4.2 due to the
issues
described in this CVE:
Changes with Apache 2.2.23
*) SECURITY: CVE-2012-0883 (cve.mitre.org http://cve.mitre.org)
envvars: Fix insecure handling of