HZGN.COM
welcome to my space
X
Feng Shui | Graphic Design | Cosmetics | Causes and Organizations | Regulatory Compliance | Gadgets and Gizmos | Computer Forensics | Tools and Equipment | Related articles
Search:  
Welcome to:hzgn.com
 HOME   Apache Pushes Bug Fix, Security Releases Out the Door

Apache Pushes Bug Fix, Security Releases Out the Door

Published by: smith 2008-11-22

The Apache project has released two new versions of its HTTP server software, providing bug and security fixes for the primary development branches, versions 1.3 and 2.0. Both releases address problems in a pair of modules meant to handle redirecting web clients to alternate web pages.

Under fairly complex configurations, mod_rewrite and mod_alias, modules that allow administrators to create rules under which visitors to a URL matching certain characteristics are automatically redirected to an alternate location, suffered from buffer overflows, which can cause software to crash or compromise a server's security. The vulnerability has been identified in the Common Vulnerabilies and Exposures (CVE) database, but no further information has been provided yet, a common practice that allows software developers to patch critical holes before information on how to exploit them is made public.

Apache 2.0.48 includes a patch for a second vulnerability in its mod_cgid, which could result in CGI output being directed to the wrong client in certain circumstances. As with the other vulnerabillity, the bug has been identified but left largely undocumented by the CVE Web site.

www.net-security.org/dl/newsletter/txt/issue313.txt::
http://www.net-security.org/news.php?id=11013 FIREFOX BUG COULD BE SERIOUS A security.org/news.php?id=11029 APACHE NOW THE LEADER IN SSL SERVERS Apache has
http://www.net-security.org/dl/newsletter/txt/issue313.txtHOME
#108529-29: SunOS 5.8_x86: kernel update and Apache patch::
Unbundled Release: Xref: This patch available for SPARC as patch 108528. Topic: java/security/package-frame.html /usr/apache/jserv/docs/api/org
http://sunsolve.sun.com/search/document.do?assetkey=1-21-108529-29-1HOME

In addition to the security fix, Apache 2.0.48, the newer of the two development branches, includes numerous bug fixes but no new features. A complete list of patches may be found in the project's official release announcement.

Apache 1.3.29, which represents the latest in the project's older, more Unix-oriented development line, does include one new feature among the patches, enabling RFC1413-compliant ident functionality for the Windows and NetWare platforms, as well as thread safe timeout functionality for servers querying an ident daemon. Several other patches and changes are documented in the server's official release announcement.

Both releases may be obtained from the Apache Project's download page.




Oracle Opens New Centers in China
Microsoft's New WinFS Gets the PDC Buzz

PRINT Add to favorites
#If you have any other info about this subject , Please add it free.#
Your name:
E-mail:
Telphone:

Your comments:


If you have any other info about Apache Pushes Bug Fix, Security Releases Out the Door , Please add it free.

About us -Site map -Advertisement -Jion us -Contact usExchange linksSponsor us
Copyright© 2008 hzgn.com All Rights Reserved
Site made&Support support@hzgn.com    E-mail: web@hzgn.com