Hi,

I'm searching download.novell.com and trying to find out if SP8 resolves
an issue with Apache module susceptibility to cross-site scripting that
was discovered when we ran a Qualys scan on some of our NetWare 6.5
servers. Specifically:

Apache HTTP Server modules "mod_status", "mod_imagemap", "mod_imap" and
"mod_proxy_ftp" contain multiple cross-site scripting vulnerabilities.
These vulnerabilities arise from the application failing to properly
sanitize user input.

The server tested for this was running 6.5.6. I know there is a 6.5.8,
but I have no way to verify that it addresses the above issue.

I knew this information used to be easier to find, and I can find
"mandatory" patches on the download site, but it doesn't list apache as
far back as 2004, which seems like an omission.

Any help would be appreciated!

Best regards,
Greg