Date: Wed, 19 Jun 2002 15:10:06 -0600 From: Brett Glass <brett@lariat.org> To: Jan Lentfer <Jan.Lentfer@web.de>, freebsd-security@FreeBSD.ORG Subject: Re: Apache 1.3.26 port Message-ID: <4.3.2.7.2.20020619150748.0236b1d0@localhost> In-Reply-To: <1024460049.2166.6.camel@jan-linnb.lan>
next in thread | previous in thread | raw e-mail | index | archive | help
Yes, installing the new port will nuke all of your data. And, as has been the case with many other ports, the package has not been built and put up on the FTP site. Everyone who installs FreeBSD and elects to install Apache across the Net will get the insecure version of Apache until this is fixed. It's just as important to upgrade the binary packages (and/or mark them as "forbidden") as it is the ports. --Brett At 10:14 PM 6/18/2002, Jan Lentfer wrote: >Hi, > >i am new to this list, so I don't know if this is the right place for my >comment, so please be gentle ;-) > >After reading all the mail about the apache vulnerability, today I >installed the new 1.3.26 port. The compilation, etc. went clean, I also >had to reinstall mod_php4 and mod_fastcgi until I could make apache >start. Then I found that all my subdirectories in /usr/local/data/www >were gone (deleted)!! Luckily this was on my private machine! Is this a >normal behaviour? Anyway, it's good I know it now so I will for sure >backup the directorires on my production machines > > >Regards, > >Jan Lentfer > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.2.20020619150748.0236b1d0>