Πέμπτη, Ιουλίου 10, 2003

Apache HTTP Server 2.0.47

The Apache HTTP Server Project is proud to announce the tenth public release of Apache 2.0. This version of Apache is principally a security and bug fix release. Of particular note is that 2.0.47 addresses four security vulnerabilities:

  • Certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one could result in the weak ciphersuite being used in place of the strong one.
  • Certain errors returned by accept() on rarely accessed ports could cause temporal denial of service, due to a bug in the prefork MPM.
  • Denial of service was caused when target host is IPv6 but ftp proxy server can't create IPv6 socket.
  • The server would crash when going into an infinite loop due to too many subsequent internal redirects and nested subrequests.

Neowin.net - Apache HTTP Server 2.0.47

Δεν υπάρχουν σχόλια: