-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 13 Dec 2002, Matthew Boeckman enscribed the following:
MB>> Are you sure that they're not addresing the issues? *My* understanding is MB>> that, in most cases, the security patches are applied to the version of MB>> the app currently being distributed by RH. This was certainly true with MB>> regard to the OpenSSH bugs, and I'm fairly sure that philosophy is true MB>> with Apache...there were a number of updates released for it, over the MB>> last few months. MB> MB>Are they? I suppose it is possible as I inexplicably find openssh-3.1p1 MB>RPM's in updates.redhat.com. Not that I doubt you, but I would like to MB>see some page somewhere that says so. Likewise I'd like to see the page, MB>dated in August that lets us all know that they patched apache1.3.26 to MB>fix that vulnerability and it's now available for download. MB> MB>If they are doing as you say, why the advisory that I posted earlier? MB>Reading it it certainly doesn't say anything about "pull down the MB>apache-1.3.26-2.rpm", but it does say to apply immeadiately the updates MB>for 1.3.27 (which did not ship with 7.2, or 7.3). Psyche: https://rhn.redhat.com/errata/rh8-errata.html Valhalla: https://rhn.redhat.com/errata/rh73-errata.html Enigma: https://rhn.redhat.com/errata/rh72-errata.html Seawolf: https://rhn.redhat.com/errata/rh71-errata.html - -- [EMAIL PROTECTED], RHCE Instructor, Global Learning Services -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE9+goGYCtDlaj78K8RAtelAKCGsC8ApD1LZFUZo1VNIsnMGW0CMQCdF98M kxmxCqf3MPP1kF0E+SzIAHA= =1RdQ -----END PGP SIGNATURE----- -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED]?subject=unsubscribe https://listman.redhat.com/mailman/listinfo/redhat-list
