Description of problem: Certain errors returned by accept() on rarely accessed ports could cause temporal denial of service, due to a bug in the prefork MPM. Version-Release number of selected component (if applicable): All versions of httpd before 2.0.47
This bug was opened on July 9 to address a security issue and it remains a "NEW" status issue. When can we expect movement on this so that Redhat users and RHN subscribers aren't being encouraged to use outdated and insecure software packages?
I guess it should really be "assigned" since we did start through our internal errata process which will lead to an errata. This issue is classed as a low risk as the vulnerable configuration is rarely found.
An errata has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2003-240.html