--0-2038167095-1207063907=:55197
Content-Type: text/plain; charset=us-ascii

I have a Solaris box with Apache 2.2.3 and mod_ssl 2.2.3. Our security consultant ran a vulnerability software and the report recommended to upgrade to mod_ssl 2.8.24 or higher. Is this possible ? as i only see releases for Apache 1.3.x What are your recommendations?

thanks,
Sir june




____________________________________________________________ ________________________
You rock. That's why Blockbuster's offering you one month of Blockbuster Total Access, No Cost.
http://tc.deals.yahoo.com/tc/blockbuster/text5.com
--0-2038167095-1207063907=:55197
Content-Type: text/html; charset=us-ascii

<html><head><style type="text/css"><!-- DIV {margin:0px;} --></style></head><body><div style="font-family:arial,helvetica,sans-serif;font-size:10pt">I have a Solaris box with Apache 2.2.3  and mod_ssl 2.2.3.   Our security consultant ran a vulnerability software and the report recommended to upgrade to mod_ssl 2.8.24      or higher.     Is this possible ?  as i only see releases  for  Apache 1.3.x   What are your recommendations?<br><br>thanks,<br>Sir june<br><br></div><br>



<hr size=1>You rock. That's why Blockbuster's offering you <a href="http://us.rd.yahoo.com/evt=47523/*http://tc.deals.yahoo.com/tc/blockbuster/text5.com
">one month of Blockbuster Total Access</a>, No Cost.</body></html>
--0-2038167095-1207063907=:55197--
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users [at] modssl.org
Automated List Manager majordomo [at] modssl.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



modssl is built into the 2.x.x apache versions. your consultant must be
asking you to upgrade full apache version<s>.


the 1.3.x apache tree still has a separate modssl base to add and build
off of. This should not be a concern for you since you are running the
newer apache tree.

Thanks,


Ron DuFresne

On Tue, 1 Apr 2008, Sir June wrote:

> I have a Solaris box with Apache 2.2.3 and mod_ssl 2.2.3. Our security consultant ran a vulnerability software and the report recommended to upgrade to mod_ssl 2.8.24 or higher. Is this possible ? as i only see releases for Apache 1.3.x What are your recommendations?
>
> thanks,
> Sir june
>
>
>
>
> ____________________________________________________________ ________________________
> You rock. That's why Blockbuster's offering you one month of Blockbuster Total Access, No Cost.
> http://tc.deals.yahoo.com/tc/blockbuster/text5.com

- --
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629

....We waste time looking for the perfect lover
instead of creating the perfect love.

-Tom Robbins <Still Life With Woodpecker>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFH8lYmst+vzJSwZikRAm6YAJ9e9NwNJu8sGjuFE3CcnljNI3kVxgCf Xl4x
R0NJeZnoKQpRfqrff0Xir+o=
=sIQZ
-----END PGP SIGNATURE-----
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users [at] modssl.org
Automated List Manager majordomo [at] modssl.org