Date: Tue, 7 May 2002 11:00:05 -0500 From: "Jacques A. Vidrine" <nectar@FreeBSD.org> To: ports@FreeBSD.org Subject: Fwd: [Apache-SSL 1.3.22+1.47 - update to security fix] Message-ID: <20020507160005.GH96090@madman.nectar.cc>
next in thread | raw e-mail | index | archive | help
Would someone either update the apache13-ssl port, or kill it? I should have marked it FORBIDDEN when we issued FreeBSD-SN-02:01, but I still have not. Cheers, -- Jacques A. Vidrine <n@nectar.cc> http://www.nectar.cc/ NTT/Verio SME . FreeBSD UNIX . Heimdal Kerberos jvidrine@verio.net . nectar@FreeBSD.org . nectar@kth.se ----- Forwarded message from Ben Laurie <ben@algroup.co.uk> ----- Date: Mon, 04 Mar 2002 14:47:51 +0000 From: Ben Laurie <ben@algroup.co.uk> To: Apache SSL <apache-ssl@lists.aldigital.co.uk>, Apache SSL Announce <apache-sslannounce@lists.aldigital.co.uk>, Bugtraq <BUGTRAQ@SECURITYFOCUS.COM>, CERT Coordination Center <cert@cert.org> Subject: Apache-SSL 1.3.22+1.47 - update to security fix On Friday 1st March 2002 I released a security alert for Apache-SSL, announcing a fix to a buffer overflow. Unfortunately, because the fix had to be released in haste (since I had not been alerted before public disclosure), the fix had a bug. Fortunately, the bug did not leave Apache-SSL vulnerable, but it did prevent correct operation. I have, therefore, released an updated version of Apache-SSL today, 1.3.22+1.47, which is available from all the usual places. Users of versions prior to this should upgrade immediately. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff ----- End forwarded message ----- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020507160005.GH96090>