Re: Apache Security Page and CVE-2011-3192

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Aug 31, 2011 at 6:22 AM, Paul Reilly <pareilly@xxxxxx> wrote:
> Why is there no information about the recent header Rang DoS  vulnerability
> in Apache on the Apache security page?
>
>  http://httpd.apache.org/security/
>
> I would have expected at least to see some mention of it, and possible
> work-arounds.

Only vulnerabilities which are fixed in a release are listed there.
As 2.2.20 is now released, the corresponding 2.2 security page has
been updated.

An advisory is available with more detailed information about the
vulnerability, including workarounds.  The most recent version is at
http://mail-archives.apache.org/mod_mbox/httpd-announce/201108.mbox/%3C20110826103531.998348F82@xxxxxxxxxxxxxxxxxxx%3E

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux