A new Apache-Perl package for Debian GNU/Linux has been released

According to David Wagner, iDEFENSE and the Apache HTTP Server Project, several vulnerabilities have been found in the Apache server package, a commonly used webserver. Most of the code is shared between the Apache and Apache-Perl packages, so vulnerabilities are shared as well.

These vulnerabilities could allow an attacker to enact a denial of service against a server or execute a cross site scripting attack, or steal cookies from other web site users.

Read more