[prev in list] [next in list] [prev in thread] [next in thread] 

List:       apache-modssl
Subject:    [ANNOUNCE] mod_ssl 2.8.19 for Apache 1.3.31
From:       "Ralf S. Engelschall" <rse () engelschall ! com>
Date:       2004-07-16 20:42:07
Message-ID: 20040716204207.GA45678 () engelschall ! com
[Download RAW message or body]

We've today found an ssl_log() related format string vulnerability in
the mod_proxy hook functions of mod_ssl for Apache 1.3.x (mod_ssl for
Apache 2.x is not affected). A mod_ssl 2.8.19 for Apache 1.3.31 was
created which fixes this potential security hole.

Get mod_ssl-2.8.19-1.3.31.tar.gz from:

o http://www.modssl.org/source/
o  ftp://ftp.modssl.org/source/

Yours,
                                       Ralf S. Engelschall
                                       rse@engelschall.com
                                       www.engelschall.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      modssl-users@modssl.org
Automated List Manager                            majordomo@modssl.org
[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic