Date: Tue, 13 Aug 2002 19:38:42 +0100 From: Matthew Seaman <m.seaman@infracaninophile.co.uk> To: "H. Wade Minter" <minter@lunenburg.org> Cc: Matthew Seaman <m.seaman@infracaninophile.co.uk>, freebsd-questions@FreeBSD.ORG Subject: Re: Apache content-length issue Message-ID: <20020813183842.GB13561@happy-idiot-talk.infracaninophi> In-Reply-To: <20020813102825.B33536-100000@bunning.skiltech.com> References: <20020812220341.GA10183@happy-idiot-talk.infracaninophi> <20020813102825.B33536-100000@bunning.skiltech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Aug 13, 2002 at 10:29:37AM -0400, H. Wade Minter wrote: > Is this something that might have been configured at compile-time for > Apache via the ports? Unlikely. There aren't any obvious knobs to twiddle in the www/apache13 Makefile. I think you'ld remember all the hoops you had to jump through to modify something like that. > Maybe to stop the chunked encoding vulnerability? No --- the cure as given in ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SN-02%3A04.asc was always to upgrade to 1.3.26 or 2.0.39 Those who cannot upgrade should investigate the www/mod_blowchunks port. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way Tel: +44 1628 476614 Marlow Fax: +44 0870 0522645 Bucks., SL7 1TH UK To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020813183842.GB13561>