On 05/28/2009 06:43 PM, Gilbert Sebenste wrote: > Does the test version (2.2.8) have these backported in them already? no.. > If not, are these exploits local or global? Can i just update mod_ssl to > alleviate the problem if I have 2.2.8? More than willing to go back to > 2.2.3 if needed. Just trying to save a little work since 2.2.8 has run > very well for me. the entire 'el5s2' suite of packages had an update recently, and is pending a push out - but it will not happen before Monday. I suggest you read the advisory and make a decision based on that. -- Karanbir Singh : http://www.karan.org/ : 2522219 at icq