Apache 2.0.50 Released.
Date: Thursday, September 16, 2004 @ 20:17:15 AST
Topic: software

The Apache HTTP Server Project is proud to announce the release of version 2.0.50 of the Apache HTTP Server ("Apache"). (translations are available fo German and Japanese language) .

This version of Apache is principally a bug fix release. Of particular note is that 2.0.50 addresses two security vulnerabilities:

A remotely triggered memory leak in http header parsing can allow a denial of service attack due to excessive memory consumption.
[CAN-2004-0493]

           Fixes a mod_ssl buffer overflow in the FakeBasicAuth code for a (trusted) client certificate subject DN which exceeds 6K in length.
      [CAN-2004-0488]



For further details, see the announcement





This article comes from Kuwait Linux User Group - OpenSource free stuff
http://www.q8linux.net

The URL for this story is:
http://www.q8linux.net/modules.php?name=News&file=article&sid=100