Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apache 1.3.26 and 2.0.39 Released

Posted by krow on Tuesday June 18, 2002 @11:45AM from the would-you-like-fries-with-that dept.

cliffwoolley writes "The Apache Software Foundation has released new versions of both Apache 1.3 and 2.0. These versions are both security and bug-fix releases. They address and fix the issues noted in CAN-2002-0392 [CERT VU#944335] regarding a vulnerability in the handling of chunked transfer encoding. You can download the new releases here." This of course is for the exploit that we reported yesterday. It is hard to complain about a 24-hour response time for a bug.

2 of 138 comments (clear)

Min score:

Reason:

Sort:

Re:mod_ssl? by jonabbey · 2002-06-18 14:54 · Score: 5, Informative

mod_ssl is baked into the Apache releases 2.0.35 and later, and is _far_ easier to compile and install than the old Apache 1.3 + external mod_ssl was.

Get to Apache 2.0.x when you can.

--
- jon

Ganymede, a GPL'ed metadirectory for UNIX
FUD by Vainglorious+Coward · 2002-06-18 17:14 · Score: 5, Informative

This of course is for the exploit that we reported yesterday

Um, surely you mean vulnerability ?

--
My next sig will be ready soon, but subscribers can beat the rush