---

Fedora Core Advisory: httpd


Fedora Update Notification
FEDORA-2004-204
2004-07-19


Product : Fedora Core 2
Name : httpd
Version : 2.0.50
Release : 2.1
Summary : Apache HTTP Server

Description :
Apache is a powerful, full-featured, efficient, and
freely-available Web server. Apache is also the most popular Web
server on the Internet.


Update Information:

This update includes the latest stable release of Apache httpd
2.0, including security fixes for a remotely triggerable memory
leak (CVE CAN-2004-0493), and a buffer overflow in mod_ssl which
can be triggered only by a (trusted) client certificate with a long
subject DN field (CVE CAN-2004-0488).


  • Tue Jun 29 2004 Joe Orton <jorton@redhat.com> 2.0.50-2.1
    • update to 2.0.50
    • mod_autoindex: don’t truncate output on stat() failure
      (#126930)

This update can be downloaded from:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

88f76a8960e558ea9cd0f833ec26ecbf
SRPMS/httpd-2.0.50-2.1.src.rpm
b21369e9d1ad14bde9f8cdd474d4e576
x86_64/httpd-2.0.50-2.1.x86_64.rpm
b31e0fc8d050a42ab13c82feedc01b1b
x86_64/httpd-devel-2.0.50-2.1.x86_64.rpm
d40fc1d0f89cc86ebec838639ba37ea1
x86_64/httpd-manual-2.0.50-2.1.x86_64.rpm
5fa5e5728b8dedc20b2704de1bd37840
x86_64/mod_ssl-2.0.50-2.1.x86_64.rpm
6e65479828eb9e8a4c7b2424ebf39495
x86_64/debug/httpd-debuginfo-2.0.50-2.1.x86_64.rpm
da86a44426edabbadceae2d58fc0b1d5 i386/httpd-2.0.50-2.1.i386.rpm
000b8fc928195440856420091c33b9ec
i386/httpd-devel-2.0.50-2.1.i386.rpm
4b062f1003cf3d203a408133e8f160c5
i386/httpd-manual-2.0.50-2.1.i386.rpm
92a8f9747563aa50abc842aba1d65bc3
i386/mod_ssl-2.0.50-2.1.i386.rpm
aa1210b75b36033a7bc55b47a86e2539
i386/debug/httpd-debuginfo-2.0.50-2.1.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.



Fedora Update Notification
FEDORA-2004-203
2004-07-19


Product : Fedora Core 1
Name : httpd
Version : 2.0.50
Release : 1.0
Summary : Apache HTTP Server

Description :
Apache is a powerful, full-featured, efficient, and
freely-available Web server. Apache is also the most popular Web
server on the Internet.


Update Information:

This update includes the latest stable release of Apache httpd
2.0, including security fixes for a remotely triggerable memory
leak (CVE CAN-2004-0493), and a buffer overflow in mod_ssl which
can be triggered only by a (trusted) client certificate with a long
subject DN field (CVE CAN-2004-0488).


  • Thu Jul 01 2004 Joe Orton <jorton@redhat.com> 2.0.50-1.0
    • update to 2.0.50 (CVE CAN-2004-0488, CAN-2004-0493, #126864,
      #125047)
    • mod_autoindex: don’t truncate output on stat() failure
      (#126930)

This update can be downloaded from:

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/

a5786025381c7ddf245157d815db77df
SRPMS/httpd-2.0.50-1.0.src.rpm
72838969ae685149f394bd7aa22f1d1e
x86_64/httpd-2.0.50-1.0.x86_64.rpm
e8f54a359eb76fd784a76ab046f6a816
x86_64/httpd-devel-2.0.50-1.0.x86_64.rpm
ec851a779096d42208066a1284032f60
x86_64/httpd-manual-2.0.50-1.0.x86_64.rpm
542234c3e5c4d32b1f6bb5d511512f33
x86_64/mod_ssl-2.0.50-1.0.x86_64.rpm
e89824f441e4b12f1f21113665f8d334
x86_64/debug/httpd-debuginfo-2.0.50-1.0.x86_64.rpm
4ab7626097cc2715e39f153e151de084 i386/httpd-2.0.50-1.0.i386.rpm
57bb0c618a201a11f71fbd8f7421d445
i386/httpd-devel-2.0.50-1.0.i386.rpm
3e80b67e35b974659b38791838f7182e
i386/httpd-manual-2.0.50-1.0.i386.rpm
3c51c55cde33e0976ca30451342a6354
i386/mod_ssl-2.0.50-1.0.i386.rpm
82de5f02ed600ba4a489c0f96bb15d4d
i386/debug/httpd-debuginfo-2.0.50-1.0.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the ‘up2date’ command.


Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis