Fwd: [ANNOUNCEMENT] Apache HTTP Server 2.2.20 Released
Paul W. Frields
stickster at gmail.com
Wed Aug 31 17:31:34 UTC 2011
On Wed, Aug 31, 2011 at 05:39:14PM +0200, Reindl Harald wrote:
> this update should be really fast pushed out
>
> the demo-exploit brings down a 4x2.50GHz machine with 8 GB
> RAM in some seconds without having the known workarounds
> or explicit mod_security-Rules in front
>
> -------- Original-Nachricht --------
> Betreff: [ANNOUNCEMENT] Apache HTTP Server 2.2.20 Released
> Datum: Wed, 31 Aug 2011 07:21:33 -0400
> Von: Jim Jagielski <jim at jaguNET.com>
> Antwort an: dev at httpd.apache.org
> An: dev at httpd.apache.org
>
> Apache HTTP Server 2.2.20 Released
[...snip...]
The security bug is already being tracked:
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3192
I'd expect a new package to be issued shortly. Once that happens, if
you want to contribute to pushing this out, be ready to test the fixed
package and add karma. The process works when people participate.
--
Paul W. Frields http://paul.frields.org/
gpg fingerprint: 3DA6 A0AC 6D58 FEC4 0233 5906 ACDB C937 BD11 3717
http://redhat.com/ - - - - http://pfrields.fedorapeople.org/
The open source story continues to grow: http://opensource.com
More information about the devel
mailing list