[lug] mozilla 1.2.1

[Hugh Brown]

On Sat, 2002-12-14 at 08:26, rm at fabula.de wrote:
> On Thu, Dec 12, 2002 at 10:28:03PM -0700, jdavis wrote:
> >
> > thanks for the help. i got tired of jacking with the profiles
> > and just removed all instances of mozilla and its files and re-installed
> > from my rh7.3 disk and updated. When I click the "about" button in
> > mozilla it reports 1.0.1...Im hoping this is like on my old
> > 7.3 server how my updated Apache version still claimed 1.26 or what ever
> > it was that was vuln to chunked attack..but it wasnt vuln. 
> 
> Hi JD,
> 
> having froliced arround in the apache source for a while myself
> i just wonder: are you _really_ shure you are running apache 1.27?
> The version string is compiled into the server core and if you 
> telnet to your server and it reports 1.26 you can be pretty shure
> you're running the old version.
> 
>   Ralfd
> 

As far as the updates go that redhat does, they don't usually blanket
update a package but rather back port security patches.  So if you had
looked at the version of apache (prior to the latest update) it was at
version 1.3.22-5 even though 1.3.26 had the fix in the apache tree.

Hugh




> > Mozilla
> > 1.0.1 appears to have some cookie security issues as well as other
> > things. Am I being protected by only using up2date to take care
> > of all my security patches?
> > 
> > thanks again,
> > jd
> > jd at taproot.bz
> > http://www.taproot.bz
> > 
> > 
> > 
> > _______________________________________________
> > Web Page:  http://lug.boulder.co.us
> > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> > Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug