PRODUCT_LINE: BCM50
============================================

TITLE
=====

BCM050.196-APACHE

========================
Release: 1.0 Issue: N/A
Category: GEN
Superceded By: NONE
Release Date: 20080826
Patch Conflict(s): N/A
Special Instructions: NO
Patch Version: N/A
========================

Software Update Name: BCM050.196-APACHE

Applicable H/W Platforms: BCM50, BCM50a, BCM50e, SRG50

Applicable S/W Platforms: 1.00.2.04g, 1.00.2.04j, SRG50

Category: GEN

Installation Recommendations:
This update should be applied to all new installs of BCM50 R1 and SRG50. 
Existing installations should have this update applied if they are experiencing 
any of the issues that are corrected. This update should be applied to all BCMs 
at the next scheduled service opportunity to address security vulnerabilities 
present in an older versions of the Apache web server component which is used 
in the BCM.

Component & Version:
   apache    2.0.63

Dependencies: Required updates: None

Product Dependencies: None

Size: 1.8MB

System Impact: 
Time to apply approximately 1 minute

Does update application force reboot: No

Other Impacts: None

Limitations: None

Update Removable: no

Description:
-----------
The following issues are addressed:

1. Cross Site Scripting (XSS) or Denial of Service (DoS) vulnerabilities in Apache
Security Vulnerabilities in the Apache 1.3 and 2.0 Web Server Daemon and "mod_status" 
Module May Lead to Cross Site Scripting (XSS) or Denial of Service (DoS). 
More Info: http://securitytracker.com/alerts/2008/Jan/1019154.html
Q01814487


This update includes the content of the following superseded updates:
No previous updates