In association with heise online

10 September 2007, 14:35

New Apache version closes holes

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The Apache Foundation has released versions 2.0.61 and 2.2.6 of its HTTP server. The updates not only include numerous bug fixes, but also eliminate five security issues. Attackers can no longer crash the mod_proxy and mod_cache modules with crafted requests or inspect the headers of prior connections using a flaw in mod_mem_cache. In addition, a cross-site scripting vulnerability in the mod_status module has been fixed. On top of that, a DoS vulnerability in the Prefork MPM module has been eliminated. The manufacturer encourages all users to upgrade to the new version.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit