Slashdot Mirror

← Back to Stories (view on slashdot.org)

Apache Fixes Range Header Flaw, Again

Posted by samzenpus on from the got-it-this-time dept.

Trailrunner7 writes "Two weeks after releasing a fix for the range-header denial-of-service flaw that was much-discussed on security forums and mailing lists, the Apache Software Foundation has pushed out another version of its popular Web server that includes a further fix for the same flaw. Apache 2.2.21 has a patch for the CVE-2011-3192 vulnerability that the group previously fixed in late August with the release of version 2.2.20. The vulnerability is an old one that recently resurfaced after a researcher published an advisory on a modified version of the bug and also released a tool capable of exploiting the vulnerability."

1 of 21 comments (clear)

  1. Re:Quick fixes by Dunbal · · Score: 0, Flamebait

    Or Apple's "security flaws? We don't have any security flaws and shutthefuckup or we will sue you to oblivion" policy.

    --
    Seven puppies were harmed during the making of this post.