Comment 3 for bug 6948

Message-Id: <20040630081947.4F33F4488@mebius>
Date: Wed, 30 Jun 2004 17:19:47 +0900
From: Hideki Yamane <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: apache2: DoS in apache httpd 2.0.49 issue (CAN-2004-0493)

Package: apache2
Severity: normal
Tags: security

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Dear apache2 maintainer team,

 Probably you know, but FYI.
 (I cannot find discussion in debian-apache ML and new packages
  in incoming, so I posted this in BTS. This post makes users to
  track security issue more easier, I think).

 Georgi Guninski found security flaw about DoS attack in apache 2.0.49.
 (http://www.guninski.com/httpd1.html)

 and patch is here.
 http://www.apache.org/dist/httpd/patches/apply_to_2.0.49/CAN-2004-0493.patch
 Is there any plan to apply this patch?

 If I had overlooked your working about this issue, please let me know
 what I should see.

- --
Regards,

 Hideki Yamane henrich @ samba.gr.jp/iijmio-mail.jp

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA4neiIu0hy8THJksRAh7mAJ9kkr5I4dFmmNaxL75UPXxvMVOWQQCfZmlT
CF+W3gAGJVL5SShaiZ5Ktho=
=dBpV
-----END PGP SIGNATURE-----