Re: RE: [ANNOUNCE] Apache HTTP Server 2.4.29 Released

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I’m not sure if this is what is referred to in the Apache 2.4.29 announcement, but please note that the Apache Portable Runtime v1.6.3 release resolved memory safety issues I found in functions used within HTTP server.  This was released in conjunction with 2.4.29.

Using HTTP server linked to prior versions of APR exposes the risks outlined in my email sent to this list on Monday.

Best Regards,
Craig

On 10/25/17, 1:05 PM, "Development Manager" <devmanager@xxxxxxxxxxxxxxxxxxxxxx> wrote:

    The 2.4.29 changes document doesn't reference any CVE articles, though the announcement indicates that this is a security release. Are any of the 2.4.29 changes security related?
    
    Thanks,
    Jim
    
    ---------------------------------------------------------------------
    To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
    For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
    
    


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux