|
Apache mod_python Module Malformed Query Denial of Service Vulnerability
Solution: Updated mod_python packages have been released to address this issue. Users are Apache 1.3.x are advised to upgrade to 2.7.9 whereas, users of Apache 2.x are advised to upgrade 3.0.4. The vendor has reported that this issue was not fixed properly in upgrade 2.7.9, therefore the vendor has released upgrade 2.7.10 to address this issue. Users of version 2.7.9 and prior are advised to upgrade to 2.7.10. Conectiva have released a security advisory (CLA-2004:837), and updates to address this issue in Conectiva products. Users are advised to apply these updates as soon as possible, further details regarding obtaining and installing these updates can be found in the referenced advisory. Turbolinux have released a security advisory (TLSA-2004-13), and updates to address this issue in Turbolinux products. Users are advised to apply these updates as soon as possible, further details regarding obtaining and installing these updates can be found in the referenced advisory. Gentoo has released an advisory GLSA 200401-03 to address this issue. Please see the referenced advisory for more information. Users may upgrade to the fixed version by carrying out the following commands: emerge sync emerge -pv ">=dev-python/mod_python-2.7.10" emerge ">=dev-python/mod_python-2.7.10" /etc/init.d/apache restart RedHat Fedora patches have been made available. RedHat has released an advisory RHSA-2004:063-01 to address this issue. Please see the referenced advisory for more information. RedHat has released an advisory RHSA-2004:058-08 to address this issue. Please see web references for more information. Debian has issued fixes. See advisory DSA-452-1 in the reference section. SGI has released an advisory 20040301-01-U with fixes to address this and other issues. Please see the referenced advisory for more information. Conectiva has released an advisory and patches for their Enterprise Linux distribution. Fedora has released advisories FEDORA-2005-105 and FEDORA-2005-106 for Fedora Core 2 and 3. These advisories address various issue. Please see the referenced advisories for more information. SGI ProPack 2.3
SGI ProPack 2.4
Gregory Trubetskoy mod_python 2.7
Gregory Trubetskoy mod_python 2.7.1
Gregory Trubetskoy mod_python 2.7.2
Gregory Trubetskoy mod_python 2.7.3
Gregory Trubetskoy mod_python 2.7.4
Gregory Trubetskoy mod_python 2.7.5
Gregory Trubetskoy mod_python 2.7.6
Gregory Trubetskoy mod_python 2.7.7
Gregory Trubetskoy mod_python 2.7.8
Gregory Trubetskoy mod_python 2.7.9
Gregory Trubetskoy mod_python 3.0
Gregory Trubetskoy mod_python 3.0.1
Gregory Trubetskoy mod_python 3.0.2
Gregory Trubetskoy mod_python 3.0.3
Conectiva Linux 8.0
Turbolinux Turbolinux Workstation 8.0
Turbolinux Turbolinux Server 8.0
Conectiva Linux 9.0
|
|
|
Privacy Statement |
