Folks,
Have we done (or who is doing a CVE) on this ? So we get immediate 'fixes' out
like a tiny patch to count the comma's, a caveated LimitRequestFieldSize 100 or
a clever Regex on %{HTTP_Range}.Or am I totally asleep and missed the CVE (as my google foo only nets me CVE-2005-2728 right now - which is from 2005!). Dw.
