From owner-freebsd-questions@FreeBSD.ORG Wed Jun 23 01:13:42 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BFDAE16A4CE for ; Wed, 23 Jun 2004 01:13:42 +0000 (GMT) Received: from mta11.adelphia.net (mta11.adelphia.net [68.168.78.205]) by mx1.FreeBSD.org (Postfix) with ESMTP id 664BB43D31 for ; Wed, 23 Jun 2004 01:13:42 +0000 (GMT) (envelope-from fbsd_user@a1poweruser.com) Received: from barbish ([67.20.101.71]) by mta11.adelphia.net (InterMail vM.6.01.03.02 201-2131-111-104-20040324) with SMTP id <20040623011324.KHTQ13168.mta11.adelphia.net@barbish> for ; Tue, 22 Jun 2004 21:13:24 -0400 From: "fbsd_user" To: "freebsd-questions@FreeBSD. ORG" Date: Tue, 22 Jun 2004 21:13:23 -0400 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1409 Importance: Normal Subject: apache13 security alert X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: fbsd_user@a1poweruser.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Jun 2004 01:13:42 -0000 I missed this alert last week and I believe many people on the questions list missed it also. So here is the alert. apache-1.3.31_1 has known vulnerabilities: mod_ssl stack-based buffer overflow. Reference: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0488 Apache13 has been updated in the ports collection and the package as well. apache-1.3.31_2 is the new version. This update is now rolling through the mirror sites.