httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <jsl...@gmail.com>
Subject Re: [users@httpd] Security patches for 2.0.50
Date Thu, 23 Sep 2004 15:03:34 GMT
On Thu, 23 Sep 2004 11:12:41 -0300, Federico Petronio
<petrus@activesec.biz> wrote:
> Hello, I planed to update Apache-2.0.50 with the recent security patches
> (http://www.apache.org/dist/httpd/patches/apply_to_2.0.50/) but today I
> saw that there are some new ones that applies ONLY to 2.0.51
> 
> My question is, if I fist apply the security patches for 2.0.50, then
> should I apply the patch for 2.0.51 too? or the vulnerable code in
> 2.0.51 is not present in the patch to 2.0.50?

The patch for 2.0.51 fixes a regression, meaning the problem didn't
exist in 2.0.50.

But it would probably be better to just use 2.0.51+patch.  Then you
will get a bunch of other fixes that aren't security-related.

Joshua.

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message