Security Issue on Apache

Discussion in 'Developers' Forum' started by Ben, Jul 28, 2006.

  1. Ben

    Ben ISPConfig Developer ISPConfig Developer

  2. falko

    falko Super Moderator ISPConfig Developer

    We will put the latest Apache 1.3 package into ISPConfig soon.
     
  3. Ben

    Ben ISPConfig Developer ISPConfig Developer

    Anything special to take car of? Otherwise I could do my first job and uplodat it to svn ;)
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Maybe you can check if we are affected by this bug at all. If I read it correctly at heise, there are only some special rewrite rules affected, But I think we dont use rewriting in the apache server on port 81. This would give us some extra time for testing the 1.3.37 update.

    To update apache to 1.3.37 in ISPConfig in SVN.

    1) Replace the apache apache_1.3.36.tar.gz by the latest tar.gz version in the directory compile_apps

    2) Replace mod_ssl (mod_ssl-2.8.27-1.3.36.tar.gz) by the latest version for apache 1.3.37, you can download it from modssl.org

    3) Edit the file compile_apps/compile and change the version numbers of apache and mod_ssl in line 33 and 34 to the latest versions. These version numbers are the names of the tar.gz files without the tar.gz ending.
     
  5. falko

    falko Super Moderator ISPConfig Developer

    I've already updated it in SVN yesterday...
     
  6. Ben

    Ben ISPConfig Developer ISPConfig Developer

    Just saw it ;)
     

Share This Page