Apache Releases Version 2.2.21 With New Fix For Range Header Flaw
Posted on: 09/14/2011 05:10 PM

Threatpost reports that the Apache Software Foundation has released another fix for the range-header denial-of-service flaw

Apache Releases Version 2.2.21 With New Fix For Range Header Flaw


Two weeks after releasing a fix for the range-header denial-of-service flaw that was much-discussed on security forums and mailing lists, the Apache Software Foundation has pushed out another version of its popular Web server that includes a further fix for the same flaw.

Apache 2.2.21 has a patch for the CVE-2011-3192 vulnerability that the group previously fixed in late August with the release of version 2.2.20. The vulnerability is an old one that recently resurfaced after a researcher published an advisory on a modified version of the bug and also released a tool capable of exploiting the vulnerability.



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/apache_releases_version_2_2_21_with_new_fix_for_range_header_flaw.html)