From owner-freebsd-security Fri Nov 27 07:14:20 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id HAA28572 for freebsd-security-outgoing; Fri, 27 Nov 1998 07:14:20 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from ns1.yes.no (ns1.yes.no [195.204.136.10]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id HAA28567 for ; Fri, 27 Nov 1998 07:14:19 -0800 (PST) (envelope-from eivind@bitbox.follo.net) Received: from bitbox.follo.net (bitbox.follo.net [195.204.143.218]) by ns1.yes.no (8.9.1a/8.9.1) with ESMTP id QAA23588; Fri, 27 Nov 1998 16:14:09 +0100 (CET) Received: (from eivind@localhost) by bitbox.follo.net (8.8.8/8.8.6) id QAA23571; Fri, 27 Nov 1998 16:14:08 +0100 (MET) Message-ID: <19981127161408.E9226@follo.net> Date: Fri, 27 Nov 1998 16:14:08 +0100 From: Eivind Eklund To: Christoph Kukulies Cc: freebsd-security@FreeBSD.ORG Subject: Re: cgi-bin/phf* security hole in apache References: <19981126190545.A26062@gil.physik.rwth-aachen.de> <22257.912152434@axl.training.iafrica.com> <19981127105744.A28408@gil.physik.rwth-aachen.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.93.2i In-Reply-To: <19981127105744.A28408@gil.physik.rwth-aachen.de>; from Christoph Kukulies on Fri, Nov 27, 1998 at 10:57:44AM +0100 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Fri, Nov 27, 1998 at 10:57:44AM +0100, Christoph Kukulies wrote: > Is there any danger and to what extent arising from previous or current > apache httpd installations from the FreeBSD ports tree, especially WRT > that phf security hole? > > Shouldn't the port also install the phf 'candid camera' catcher > automatically? Maybe. Do you have any reference to this catcher and what it does? Eivind. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message