Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apache Issues Fix For Win32, OS/2 bug

Posted by Hemos on Sunday May 27, 2001 @05:56PM from the fixing-the-bugs dept.

dthor writes "An exploit was discovered that allows a malicious user to terminate the Apache server 1.3.x running on Win32 or OS2. Apache has released a patch. 'Users of older versions of Apache on Win32 and OS2 platforms are cautioned to to upgrade to 1.3.19 and apply this fix. All Win32 and OS2 users are strongly encouraged to upgrade to 1.3.20 once it is released.'"

4 of 9 comments (clear)

Min score:

Reason:

Sort:

1.3.20 by green+pizza · 2001-05-28 11:56 · Score: 2

1.3.20 has been out for what, 5 days already? Yeesh, look at the Freshmeat Slashbox from time to time.
1. Re:1.3.20 by epicurus · 2001-05-29 01:40 · Score: 2
  
  yeah, but the windoze binaries are always a few days (sometimes a week or more) behind in getting released...
  
  --
  
  terradot, growing awareness
Re:HA! See? by ConsumedByTV · 2001-06-03 22:52 · Score: 2

Yea your right, but because its OS it got patched ASAP, no cover up, no stock holders to kiss ass to, just fixed the problem and didnt even have to fill a report.

The Lottery:

--

"Not my manner of thinking but the manner of thinking of others has been the source of my unhappiness." - M
Apache 1.3.20 is released by geirt · 2001-05-27 18:17 · Score: 4

... users are strongly encouraged to upgrade to 1.3.20 once it is released.

Here is the Release Announcement for 1.3.20

The relevant part of the changelog:

* A carefully constructed URI could cause the server to segfault on Win32 and OS/2, denying access to users until the error was cleared. This is resolved on both platforms, no server data vulnerability was identified for this denial of service exploit.

--

RFC1925