mod_ssl 2.2.3

mod_ssl 2.2.3

am 01.04.2008 17:31:47 von Sir June

--0-2038167095-1207063907=:55197
Content-Type: text/plain; charset=us-ascii

I have a Solaris box with Apache 2.2.3 and mod_ssl 2.2.3. Our security consultant ran a vulnerability software and the report recommended to upgrade to mod_ssl 2.8.24 or higher. Is this possible ? as i only see releases for Apache 1.3.x What are your recommendations?

thanks,
Sir june




____________________________________________________________ ________________________
You rock. That's why Blockbuster's offering you one month of Blockbuster Total Access, No Cost.
http://tc.deals.yahoo.com/tc/blockbuster/text5.com
--0-2038167095-1207063907=:55197
Content-Type: text/html; charset=us-ascii

I have a Solaris box with Apache 2.2.3  and mod_ssl 2.2.3.   Our security consultant ran a vulnerability software and the report recommended to upgrade to mod_ssl 2.8.24      or higher.     Is this possible ?  as i only see releases  for  Apache 1.3.x   What are your recommendations?

thanks,
Sir june






You rock. That's why Blockbuster's offering you one month of Blockbuster Total Access, No Cost.
--0-2038167095-1207063907=:55197--
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

Re: mod_ssl 2.2.3

am 01.04.2008 17:35:00 von dufresne

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



modssl is built into the 2.x.x apache versions. your consultant must be
asking you to upgrade full apache version.


the 1.3.x apache tree still has a separate modssl base to add and build
off of. This should not be a concern for you since you are running the
newer apache tree.

Thanks,


Ron DuFresne

On Tue, 1 Apr 2008, Sir June wrote:

> I have a Solaris box with Apache 2.2.3 and mod_ssl 2.2.3. Our security consultant ran a vulnerability software and the report recommended to upgrade to mod_ssl 2.8.24 or higher. Is this possible ? as i only see releases for Apache 1.3.x What are your recommendations?
>
> thanks,
> Sir june
>
>
>
>
> ____________________________________________________________ ________________________
> You rock. That's why Blockbuster's offering you one month of Blockbuster Total Access, No Cost.
> http://tc.deals.yahoo.com/tc/blockbuster/text5.com

- --
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629

....We waste time looking for the perfect lover
instead of creating the perfect love.

-Tom Robbins
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFH8lYmst+vzJSwZikRAm6YAJ9e9NwNJu8sGjuFE3CcnljNI3kVxgCf Xl4x
R0NJeZnoKQpRfqrff0Xir+o=
=sIQZ
-----END PGP SIGNATURE-----
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org