Date: Thu, 20 Jun 2002 19:28:39 -0700 From: Kris Kennaway <kris@obsecurity.org> To: Patrick Thomas <root@utility.clubscholarship.com> Cc: freebsd-hackers@freebsd.org Subject: Re: inuring FreeBSD to the apache bug without upgrading apache ? Message-ID: <20020620192839.A72755@xor.obsecurity.org> In-Reply-To: <20020620141424.U68572-100000@utility.clubscholarship.com>; from root@utility.clubscholarship.com on Thu, Jun 20, 2002 at 02:17:41PM -0700 References: <20020620141424.U68572-100000@utility.clubscholarship.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--Nq2Wo0NMKNjxTN9z Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Thu, Jun 20, 2002 at 02:17:41PM -0700, Patrick Thomas wrote: >=20 > Is it possible to patch/recompile FreeBSD 4.5 in such a way that your > system is no longer vulnerable to the "chunking" attack, even if you are > still running a vulnerable apache ? Surely it's easier to just upgrade the apache port, instead of recompiling your kernel and the entire OS. Kris --Nq2Wo0NMKNjxTN9z Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE9Eo9XWry0BWjoQKURAhchAKCWea1n03Z9gbQVhbcAJRIRhz7zZQCdH9R6 SqZTYAE+LiaA19atWYPvRm4= =TgIY -----END PGP SIGNATURE----- --Nq2Wo0NMKNjxTN9z-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020620192839.A72755>