On Wed, Aug 31, 2011 at 05:39:14PM +0200, Reindl Harald wrote: > this update should be really fast pushed out > > the demo-exploit brings down a 4x2.50GHz machine with 8 GB > RAM in some seconds without having the known workarounds > or explicit mod_security-Rules in front > > -------- Original-Nachricht -------- > Betreff: [ANNOUNCEMENT] Apache HTTP Server 2.2.20 Released > Datum: Wed, 31 Aug 2011 07:21:33 -0400 > Von: Jim Jagielski <jim@xxxxxxxxxxx> > Antwort an: dev@xxxxxxxxxxxxxxxx > An: dev@xxxxxxxxxxxxxxxx > > Apache HTTP Server 2.2.20 Released [...snip...] The security bug is already being tracked: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3192 I'd expect a new package to be issued shortly. Once that happens, if you want to contribute to pushing this out, be ready to test the fixed package and add karma. The process works when people participate. -- Paul W. Frields http://paul.frields.org/ gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717 http://redhat.com/ - - - - http://pfrields.fedorapeople.org/ The open source story continues to grow: http://opensource.com -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel
