We've been running SGD for about 2 years. In that time I've not seen a single patch on the Sun website relating to any Apache vulnerabilities.
A patch was released yesterday for Apache2 relating to APR and a remote code execution. I've downloaded the latest version of Apache 2.2 and tried to compile on my SGD server (Running Sol 10u6) to no avail. CVE is http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2412 Can anyone shed some light on: a) how they keep their SGD service secured and up-to-date; and b) how they've patched Apache for this vulnerability. Thank you in advance, Andrew Nicols -- Systems Developer e: andrew.nic...@luns.net.uk im: a.nic...@jabber.lancs.ac.uk t: +44 (0)1524 5 10147 Lancaster University Network Services is a limited company registered in England and Wales. Registered number: 4311892. Registered office: University House, Lancaster University, Lancaster, LA1 4YW
signature.asc
Description: Digital signature
_______________________________________________ SGD-Users mailing list SGD-Users@filibeto.org http://www.filibeto.org/mailman/listinfo/sgd-users