Return-Path: X-Original-To: apmail-httpd-users-archive@www.apache.org Delivered-To: apmail-httpd-users-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 0CE3917779 for ; Tue, 14 Oct 2014 05:37:08 +0000 (UTC) Received: (qmail 75048 invoked by uid 500); 14 Oct 2014 05:37:04 -0000 Delivered-To: apmail-httpd-users-archive@httpd.apache.org Received: (qmail 75025 invoked by uid 500); 14 Oct 2014 05:37:04 -0000 Mailing-List: contact users-help@httpd.apache.org; run by ezmlm Precedence: bulk Reply-To: users@httpd.apache.org list-help: list-unsubscribe: List-Post: List-Id: Delivered-To: mailing list users@httpd.apache.org Received: (qmail 75015 invoked by uid 99); 14 Oct 2014 05:37:03 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 14 Oct 2014 05:37:03 +0000 X-ASF-Spam-Status: No, hits=-2.1 required=5.0 tests=HTML_MESSAGE,RCVD_IN_DNSWL_HI,SPF_NEUTRAL X-Spam-Check-By: apache.org Received-SPF: neutral (nike.apache.org: local policy) Received: from [194.127.3.35] (HELO mailgw.allianz.de) (194.127.3.35) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 14 Oct 2014 05:36:38 +0000 Received: from SW008224.wwg00m.rootdom.net (sw008224.wwg00m.rootdom.net [10.103.111.25] (may be forged)) by mailgw.allianz.de with ESMTP id s9E5aOFX000985 for ; Tue, 14 Oct 2014 05:36:36 GMT Received: from wmucv161.wwg00m.rootdom.net ([fe80::6158:ceb4:753a:f3fe]) by SW008224.wwg00m.rootdom.net ([fe80::d0cb:b1c:2bbc:acbb%13]) with mapi; Tue, 14 Oct 2014 07:36:24 +0200 From: "Bremser, Kurt (AMOS Austria GmbH)" To: "users@httpd.apache.org" Date: Tue, 14 Oct 2014 07:34:17 +0200 Thread-Topic: [users@httpd] Re: [wd-vc] Thread-Index: Ac/nTGSJZ/t1lJ44Qh2GNGocdYORaQAJBrVD Message-ID: References: , In-Reply-To: Accept-Language: de-DE Content-Language: de-DE X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: de-DE Content-Type: multipart/alternative; boundary="_000_BEAC2A635FC2504181FDD7743A8142C2A768361419WMUCV161wwg00_" MIME-Version: 1.0 X-Virus-Checked: Checked by ClamAV on apache.org Subject: AW: [users@httpd] Re: [wd-vc] --_000_BEAC2A635FC2504181FDD7743A8142C2A768361419WMUCV161wwg00_ Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 7bit If you need to stay at 2.2, take the most recent version there. Otherwise migrate to the most recent version of 2.4. AFAIK, that means 2.2.27 or 2.4.10 at the moment. Kurt Bremser AMOS Austria Newton was wrong. There is no gravity. The Earth sucks. ________________________________ Von: muthamilan Sargunaanandan [muthamilan@gmail.com] Gesendet: Dienstag, 14. Oktober 2014 03:15 An: users@httpd.apache.org Betreff: Re: [users@httpd] Re: [wd-vc] Hello All, Becuase of OpenSSL Multiple Remote SecurityVulnerabilities.,I'm planning to update my Apache from httpd-2.2.22-win32-x86-openssl-0.9.8t . Please suggest me, which version will the best/stable version to update from 2.2.22. Thanks in Advance. Muthamilan On Fri, Sep 19, 2014 at 11:44 PM, muthamilan Sargunaanandan > wrote: Hello SME, My Production environment webserver Apache httpd-2.2.22-win32-x86-openssl-0.9.8t having OpenSSL Multiple Remote Security Vulnerabilities. As per the Vulnerability scan report , they suggested to upgrade the open ssl. is it possible with out Apache upgrade, can I upgrade the open SSL verson? if yes, please let me know the procedure for the same. Please guide me. Thanks. Muthamilan On Fri, Sep 12, 2014 at 5:53 PM, muthamilan Sargunaanandan > wrote: Hello SMEs, I'm having a Apache version httpd-2.2.22-win32-x86-openssl-0.9.8t.As per Vulnerability report, Compression algorithms should be disabled. Please help me , how to disable it. Thanks in Advance Regards Muthu AMOS Austria GmbH 1130 Wien, Hietzinger Kai 101-105 FN 365014k, Handelsgericht Wien UID: ATU 66614737 http://www.allianz.at ******************************************************** Dieses E-Mail und allfaellig daran angeschlossene Anhaenge enthalten Informationen, die vertraulich und ausschliesslich fuer den (die) bezeichneten Adressaten bestimmt sind. Wenn Sie nicht der genannte Adressat sind, darf dieses E-Mail samt allfaelliger Anhaenge von Ihnen weder anderen Personen zugaenglich gemacht noch in anderer Weise verwertet werden. Wenn Sie nicht der beabsichtigte Empfaenger sind, bitten wir Sie, dieses E-Mail und saemtliche angeschlossene Anhaenge zu loeschen. Please note: This email and any files transmitted with it is intended only for the named recipients and may contain confidential and/or privileged information. If you are not the intended recipient, please do not read, copy, use or disclose the contents of this communication to others and notify the sender immediately. Then please delete the email and any copies of it. Thank you. ******************************************************** --_000_BEAC2A635FC2504181FDD7743A8142C2A768361419WMUCV161wwg00_ Content-Type: text/html; charset=iso-8859-1 Content-Transfer-Encoding: 7bit
If you need to stay at 2.2, take the most recent version there. Otherwise migrate to the most recent version of 2.4. AFAIK, that means 2.2.27 or 2.4.10 at the moment.
 
Kurt Bremser
AMOS Austria
 
Newton was wrong. There is no gravity. The Earth sucks.
Von: muthamilan Sargunaanandan [muthamilan@gmail.com]
Gesendet: Dienstag, 14. Oktober 2014 03:15
An: users@httpd.apache.org
Betreff: Re: [users@httpd] Re: [wd-vc]

Hello All,

Becuase of  OpenSSL Multiple Remote SecurityVulnerabilities.,I'm planning to update my Apache from  httpd-2.2.22-win32-x86-openssl-0.9.8t  . Please suggest me, which version will the best/stable version to update from 2.2.22.


Thanks in Advance.

Muthamilan

On Fri, Sep 19, 2014 at 11:44 PM, muthamilan Sargunaanandan <muthamilan@gmail.com> wrote:
Hello SME,

My Production environment webserver  Apache  httpd-2.2.22-win32-x86-openssl-0.9.8t having OpenSSL Multiple Remote Security Vulnerabilities.

As per the Vulnerability scan report , they suggested to upgrade the open ssl.

is it possible with out Apache upgrade, can I upgrade the open SSL verson? if yes, please let me know the procedure for the same.

Please guide me.


Thanks.
Muthamilan

On Fri, Sep 12, 2014 at 5:53 PM, muthamilan Sargunaanandan <muthamilan@gmail.com> wrote:
Hello SMEs,

I'm having a Apache version httpd-2.2.22-win32-x86-openssl-0.9.8t.As per Vulnerability report, Compression algorithms should be disabled.

Please help me , how to disable it.

Thanks in Advance

Regards
Muthu



AMOS Austria GmbH
1130 Wien, Hietzinger Kai 101-105
FN 365014k, Handelsgericht Wien
UID: ATU 66614737

http://www.allianz.at

********************************************************
Dieses E-Mail und allfaellig daran angeschlossene Anhaenge
enthalten Informationen, die vertraulich und
ausschliesslich fuer den (die) bezeichneten Adressaten
bestimmt sind.
Wenn Sie nicht der genannte Adressat sind, darf dieses
E-Mail samt allfaelliger Anhaenge von Ihnen weder anderen
Personen zugaenglich gemacht noch in anderer Weise
verwertet werden.
Wenn Sie nicht der beabsichtigte Empfaenger sind, bitten
wir Sie, dieses E-Mail und saemtliche angeschlossene
Anhaenge zu loeschen.

Please note: This email and any files transmitted with it is
intended only for the named recipients and may contain
confidential and/or privileged information. If you are not the
intended recipient, please do not read, copy, use or disclose
the contents of this communication to others and notify the
sender immediately. Then please delete the email and any
copies of it. Thank you.
******************************************************** --_000_BEAC2A635FC2504181FDD7743A8142C2A768361419WMUCV161wwg00_--