You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by thomas2004 <th...@yahoo.de> on 2011/12/15 10:29:32 UTC
[users@httpd] A question about "Apache mod_proxy/mod_rewrite Bug Lets Remote
Users Access Internal Servers"
Hi all,
I was recently informed from our IT-security team that a security leak was
found by Apache Httpd (see [1]).
This leak was fixed but seems Apache hasn't delevered the fixed version. Who
knows when I can get this new fixed version?
[1] http://securitytracker.com/id/1026353
--
View this message in context: http://old.nabble.com/A-question-about-%22Apache-mod_proxy-mod_rewrite-Bug-Lets-Remote-Users-Access-Internal-Servers%22-tp32980338p32980338.html
Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] A question about "Apache mod_proxy/mod_rewrite
Bug Lets Remote Users Access Internal Servers"
Posted by thomas2004 <th...@yahoo.de>.
I know this link. But it doesn't help me since I am going to get the already
fixed release of Apache Httpd. I will not compile the C-soucr code myself.
Igor Galić wrote:
>
>
>
> ----- Original Message -----
>>
>> Hi all,
>>
>> I was recently informed from our IT-security team that a security
>> leak was
>> found by Apache Httpd (see [1]).
>>
>> This leak was fixed but seems Apache hasn't delevered the fixed
>> version. Who
>> knows when I can get this new fixed version?
>>
>>
>>
>> [1] http://securitytracker.com/id/1026353
>> --
>> View this message in context:
>> http://old.nabble.com/A-question-about-%22Apache-mod_proxy-mod_rewrite-Bug-Lets-Remote-Users-Access-Internal-Servers%22-tp32980338p32980338.html
>> Sent from the Apache HTTP Server - Users mailing list archive at
>> Nabble.com.
>
>
> This thread is where the fix is discussed:
>
>
> http://mail-archives.apache.org/mod_mbox/httpd-dev/201111.mbox/%3c20111123142321.GB22547@redhat.com%3e
>
> i
>
> --
> Igor Galić
>
> Tel: +43 (0) 664 886 22 883
> Mail: i.galic@brainsware.org
> URL: http://brainsware.org/
> GPG: 6880 4155 74BD FD7C B515 2EA5 4B1D 9E08 A097 C9AE
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
> " from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>
>
--
View this message in context: http://old.nabble.com/A-question-about-%22Apache-mod_proxy-mod_rewrite-Bug-Lets-Remote-Users-Access-Internal-Servers%22-tp32980338p33005303.html
Sent from the Apache HTTP Server - Users mailing list archive at Nabble.com.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] A question about "Apache mod_proxy/mod_rewrite Bug Lets Remote Users Access Internal Servers"
Posted by Igor Galić <i....@brainsware.org>.
----- Original Message -----
>
> Hi all,
>
> I was recently informed from our IT-security team that a security
> leak was
> found by Apache Httpd (see [1]).
>
> This leak was fixed but seems Apache hasn't delevered the fixed
> version. Who
> knows when I can get this new fixed version?
>
>
>
> [1] http://securitytracker.com/id/1026353
> --
> View this message in context:
> http://old.nabble.com/A-question-about-%22Apache-mod_proxy-mod_rewrite-Bug-Lets-Remote-Users-Access-Internal-Servers%22-tp32980338p32980338.html
> Sent from the Apache HTTP Server - Users mailing list archive at
> Nabble.com.
This thread is where the fix is discussed:
http://mail-archives.apache.org/mod_mbox/httpd-dev/201111.mbox/%3c20111123142321.GB22547@redhat.com%3e
i
--
Igor Galić
Tel: +43 (0) 664 886 22 883
Mail: i.galic@brainsware.org
URL: http://brainsware.org/
GPG: 6880 4155 74BD FD7C B515 2EA5 4B1D 9E08 A097 C9AE
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org