Apache Security Update Released
Version 2.2.21 patches two denial of service vulnerabilities.
The Apache Software Foundation recently announced the availability of Apache HTTP Server 2.2.21.
"Apache 2.2.21 has a patch for the CVE-2011-3192 vulnerability that the group previously fixed in late August with the release of version 2.2.20," writes Threatpost's Dennis Fisher. "The vulnerability is an old one that recently resurfaced after a researcher published an advisory on a modified version of the bug and also released a tool capable of exploiting the vulnerability."
"Apache 2.2.21 also includes a fix for a second vulnerability, CVE-2011-3348, which is a separate denial-of-service flaw," Fisher writes.
Go to "Apache Releases Version 2.2.21 With New Fix For Range Header Flaw" to read the details.
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.