Apache 2.0.48 Released
Gruturo writes "Busy week for the Apache software foundation:
After 1.3.29, version 2 gets an update as well with 2.0.48, which mainly fixes these two security vulnerabilities.
As usual, using a mirror is recommended." The official announcement lists several changes as well.
Download the code and fix it yourself. Submit a patch back to Apache. Feel good knowing you both helped a project you use and fixed your own problem.