-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



modssl is built into the 2.x.x apache versions. your consultant must be
asking you to upgrade full apache version.


the 1.3.x apache tree still has a separate modssl base to add and build
off of. This should not be a concern for you since you are running the
newer apache tree.

Thanks,


Ron DuFresne

On Tue, 1 Apr 2008, Sir June wrote:

> I have a Solaris box with Apache 2.2.3 and mod_ssl 2.2.3. Our security consultant ran a vulnerability software and the report recommended to upgrade to mod_ssl 2.8.24 or higher. Is this possible ? as i only see releases for Apache 1.3.x What are your recommendations?
>
> thanks,
> Sir june
>
>
>
>
> __________________________________________________ __________________________________
> You rock. That's why Blockbuster's offering you one month of Blockbuster Total Access, No Cost.
> http://tc.deals.yahoo.com/tc/blockbuster/text5.com


- --
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629

....We waste time looking for the perfect lover
instead of creating the perfect love.

-Tom Robbins
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFH8lYmst+vzJSwZikRAm6YAJ9e9NwNJu8sGjuFE3Ccnl jNI3kVxgCfXl4x
R0NJeZnoKQpRfqrff0Xir+o=
=sIQZ
-----END PGP SIGNATURE-----
__________________________________________________ ____________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org