On 8/31/2011 8:17 AM, Jeff Trawick wrote: > On Wed, Aug 31, 2011 at 6:22 AM, Paul Reilly <pareilly@xxxxxx> wrote: >> Why is there no information about the recent header Rang DoS vulnerability >> in Apache on the Apache security page? >> >> http://httpd.apache.org/security/ >> >> I would have expected at least to see some mention of it, and possible >> work-arounds. > > Only vulnerabilities which are fixed in a release are listed there. > As 2.2.20 is now released, the corresponding 2.2 security page has > been updated. Actually, all published vulnerabilities are supposed to be listed. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|