I saw WebMasterWorld has already patched up their Apache to 1.3.26... And if you are an Apache user, you too should get the update. Here's the same news item from SecurityFocus.

[online.securityfocus.com ]

According to the article, they have already demonstrated how to get a shell prompt on an unpatched OpenBSD box. Sooner or later there will be Linux, Solaris and other variants floating around the net, waiting to be used by the script kiddies. I've patched all my boxes last night (RedHat and Mandrake). Love urpmi from Mandrake :)

I just did the upgrade. I alway compile apache from source, this way I get exactly the modules I need and nothing extra.

The Apache foundation is truly a class act. It took them only 24 little hours to get the patch out.

is it possible to upgrade apache using webmin?

If not, how do I upgrade to the latest version?

I think you are going to have to get shell access to upgrade Apache. The 'Hows' of the process will depend on how you have it set up now. If you have an RPM based server you probably would want to go that way again so all your webmin hooks keep working.

You would upload all the new apache rpms into a folder and then just go:
rpm -Uhv *.rpm

If this is all new to you, you better get some help though.

Ok, I got a debian system and have a webmin control panel.

I have used webmin to upgrade some packages but it didnt do apache or PHP.

I guess the apache upgrade is important but I'd also like to upgrade to the latest PHP.

So can I do this with webmin?

I worked it out guys.

needed to do a apt-get install apache

Man, that is so sweet. Why can't windows updates be so easy?

(: So many people I know are getting attacked by that new form of DoS. I fixed mine a few days ago :) heheeh its neat how it brings the computer to its knees.