New Apache packages for Slackware are available to fix a security issue.
From the Apache site:
"While testing for Oracle vulnerabilities, Mark Litchfield discovered a
denial of service attack for Apache on Windows. Investigation by the
Apache Software Foundation showed that this issue has a wider scope, which
on some platforms results in a denial of service vulnerability, while on
some other platforms presents a potential a remote exploit vulnerability."
The complete text of the Apache announcement may be found here:
http://httpd.apache.org/info/security_bulletin_20020617.txt
The Common Vulnerabilities and Exposures project (cve.mitre.org/) has
assigned the name CAN-2002-0392 to this issue:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0392
SOLUTION
--------
We recommend that sites providing external Apache access upgrade to the fixed
Apache package as soon as possible. If you are using mod_ssl, you will also
require an updated mod_ssl package. Updated packages have been prepared for
Slackware 8.0 and 8.1.
WHERE TO FIND THE NEW PACKAGES:
-------------------------------
Updated Apache package for Slackware 8.0:
ftp://ftp.slackware.com/pub/slackware/slackware-8.0/patches/packages/apache.tgz
Updated Apache package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/slackware/n/apache-1.3.26-i386-1.tgz
Updated mod_ssl package for Slackware 8.0:
ftp://ftp.slackware.com/pub/slackware/slackware-8.0/patches/packages/mod_ssl.tgz
Updated mod_ssl package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/slackware/n/mod_ssl-2.8.9_1.3.26-i386-1.tgz
MD5 SIGNATURE:
--------------
Here are the md5sums for the packages:
Slackware 8.0:
69de43846c84209bc274ff5c1af554d6 apache.tgz
ca09ade9fbcd66b2e6e2aa13906140d2 mod_ssl.tgz
Slackware 8.1:
d92ba4c9a8b4afd589e274f394fa0e3c apache-1.3.26-i386-1.tgz
1ac6cd008bb22db99accacc8648efbf6 mod_ssl-2.8.9_1.3.26-i386-1.tgz
INSTALLATION INSTRUCTIONS:
--------------------------
First, stop apache:
# apachectl stop
Next, upgrade the package(s):
# upgradepkg apache-1.3.26-i386-1.tgz
# upgradepkg mod_ssl-2.8.9_1.3.26-i386-1.tgz
Then, restart apache:
# apachectl start
Remember, it's also a good idea to backup configuration files before
upgrading packages.
- Slackware Linux Security Team
http://www.slackware.com
Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.
LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.