Date: Fri, 27 Nov 1998 10:57:44 +0100 From: Christoph Kukulies <kuku@gilberto.physik.RWTH-Aachen.DE> To: Sheldon Hearn <axl@iafrica.com>, Christoph Kukulies <kuku@gilberto.physik.RWTH-Aachen.DE> Cc: freebsd-security@FreeBSD.ORG Subject: Re: cgi-bin/phf* security hole in apache Message-ID: <19981127105744.A28408@gil.physik.rwth-aachen.de> In-Reply-To: <22257.912152434@axl.training.iafrica.com>; from Sheldon Hearn on Fri, Nov 27, 1998 at 09:40:34AM %2B0200 References: <19981126190545.A26062@gil.physik.rwth-aachen.de> <22257.912152434@axl.training.iafrica.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, Nov 27, 1998 at 09:40:34AM +0200, Sheldon Hearn wrote: > > > On Thu, 26 Nov 1998 19:05:45 +0100, Christoph Kukulies wrote: > > > Excuse me, if you already are that precise, what apache FAQ are you refering? > > The 'offical' one on their web page carries > > > > "8. Whom do I contact for support?" > > That's exactly right. You're currently mailing freebsd-current, which is > not the right place to ask for help with Apache software. This means > you're contributing to the noise factor on the list and devaluing it. Despite from the somewhat unfriendly undertone in your answer - which I overhear for the moment - I find that bringing up security issues in a security list isn't adding to the noise factor. To make it 100% FreeBSD related I refine my question: Is there any danger and to what extent arising from previous or current apache httpd installations from the FreeBSD ports tree, especially WRT that phf security hole? Shouldn't the port also install the phf 'candid camera' catcher automatically? > > Ciao, > Sheldon. -- Chris Christoph P. U. Kukulies kuku@gil.physik.rwth-aachen.de To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19981127105744.A28408>