The Apache Software Foundation recently announced the availability of Apache HTTP Server 2.2.21.

"Apache 2.2.21 has a patch for the CVE-2011-3192 vulnerability that the group previously fixed in late August with the release of version 2.2.20," writes Threatpost's Dennis Fisher. "The vulnerability is an old one that recently resurfaced after a researcher published an advisory on a modified version of the bug and also released a tool capable of exploiting the vulnerability."

"Apache 2.2.21 also includes a fix for a second vulnerability, CVE-2011-3348, which is a separate denial-of-service flaw," Fisher writes.


Go to "Apache Releases Version 2.2.21 With New Fix For Range Header Flaw" to read the details.

For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.