[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Re: [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released

To: "Philip M. Gollucci" <pgollucci@xxxxxxxxxx>
Subject: [Full-disclosure] Re: [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released
From: Steve VanDevender <stevev@xxxxxxxxxxxxxxxxxxxxxxx>
Date: Thu, 3 Aug 2006 12:17:37 -0700

Philip M. Gollucci writes:
 > William A. Rowe, Jr. wrote:
 > >                     Apache HTTP Server 2.2.3 Released
 > > 
 > > The Apache Software Foundation and The Apache HTTP Server Project are
 > > pleased to announce the release of version 2.2.3 of the Apache HTTP Server
 > > ("Apache").
 > > 
 > > This version of Apache is principally a bug and security fix release. The
 > > following potential security flaws are addressed;
 > > 
 > >    CVE-2006-3747: An off-by-one flaw exists in the Rewrite module,
 > >    mod_rewrite, as shipped with Apache 1.3 since 1.3.28, 2.0 since 2.0.46,
 > >    and 2.2 since 2.2.0.
 > Is a release in the 2.0.x (2.0.59) soon to follow ?

Both 2.0.59 and 1.3.37 have been out for at least a couple of days now,
both including the mod_rewrite fix.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Re: [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released
  - From: Philip M. Gollucci

Prev by Date: Re: [Full-disclosure] XSS funtime
Next by Date: Re: [Full-disclosure] XSS funtime
Previous by thread: [Full-disclosure] Re: [Announcement] Apache HTTP Server 2.2.3 (2.0.59, 1.3.37) Released
Next by thread: [Full-disclosure] Secunia Research: PC Tools AntiVirus Insecure Default Directory Permissions
Index(es):
- Date
- Thread