Kuwait Linux User Group

Apache 2.0.50 Released.
Date: Thursday, September 16, 2004 @ 21:17:15 EDT
Topic: adv


The Apache HTTP Server Project is proud to announce the release of version 2.0.50 of the Apache HTTP Server ("Apache"). (translations are available fo German and Japanese language) .

This version of Apache is principally a bug fix release. Of particular note is that 2.0.50 addresses two security vulnerabilities:

A remotely triggered memory leak in http header parsing can allow a denial of service attack due to excessive memory consumption.
[CAN-2004-0493]

? ? ? ? ? ? ? ? ? ?  Fixes a mod_ssl buffer overflow in the FakeBasicAuth code for a (trusted) client certificate subject DN which exceeds 6K in length.
? ? ? ? ?  [CAN-2004-0488]



For further details, see the announcement





This article comes from Kuwait Linux User Group
http://www.q8linux.net

The URL for this story is:
http://www.q8linux.net/modules.php?name=News&file=article&sid=100