lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Date: Tue, 24 Nov 2009 18:56:52 -0500
From: rPath Update Announcements <>
Subject: rPSA-2009-0154-1 httpd mod_ssl

rPath Security Advisory: 2009-0154-1
Published: 2009-11-24
    rPath Appliance Platform Linux Service 1
    rPath Linux 1

Rating: Major
Exposure Level Classification:
    Indirect Deterministic Weakness
Updated Versions:

rPath Issue Tracking System:


    Previous versions of httpd are vulnerable to a man-in-the-middle attack
    during TLS session renegotiation, sometimes referred to as the "Project
    Mogul" issue.  This vulnerability has been addressed in this update.
    Additionally, two denial of service vulnerabilities and an access
    restriction bypass in mod_proxy_ftp are resolved in this update.

Copyright 2009 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at

Powered by blists - more mailing lists