apache和mysql的安全问题

apache已经出1.3.28了，1.3.27已经被证明有3个潜在的安全隐患，因此apache建议新安装的系统都用28，

mysql 4.0.14已经被证明比较稳定，但是由于3.23.xx版本和4.0.[12]，以及后续版本的兼容性有问题，仅建议在新系统中使用4.0.14，升级要慎重！

http://www.apache.org/dist/httpd/Announcement.html

:  
CAN-2003-0460 (cve.mitre.org): Fix the rotatelogs support program on Win32 and OS/2 to ignore special control characters received over the pipe. Previously such characters could cause it to quit logging and exit. We would like to thank the Hitachi Incident Response team for their responsible disclosure of this issue.  
VU#379828 : The server could crash when going into an infinite loop due to too many subsequent internal redirects and nested subrequests.  
Eliminated leaks of several file descriptors to child processes, such as CGI scripts.