Apache HTTP Server 2.2.3 Released
The Apache Software Foundation and The Apache HTTP Server Project are
pleased to announce the release of version 2.2.3 of the Apache HTTP Server
(Apache).
This version of Apache is principally a bug and security fix release. The
following
Following a vote on dev@httpd.apache.org, and with input from the project
participants on the [EMAIL PROTECTED] Authors' discussion list,
the httpd project is pleased to announce the creation of a new modules-dev
list at httpd.apache.org. Current subscribers to the apache-modules list
will not be
Apache Portable Runtime 1.2.12 Released
The Apache Software Foundation and the Apache Portable Runtime
Project are proud to announce the General Availability of
version 1.2.12 of the APR Apache Portable Runtime library.
The Project further announces the General Availability of
The Apache Software Foundation and the Apache HTTP Server Project are
pleased to announce the release of version 2.2.17 of the Apache HTTP
Server (Apache). This version of Apache is principally a bug fix
release, and a security fix release of the APR-util 1.3.10 dependency;
*
Apache HTTP Server 2.2.18 Released
The Apache Software Foundation and the Apache HTTP Server Project are
pleased to announce the release of version 2.2.18 of the Apache HTTP
Server (Apache). This version of Apache is principally a bug fix
release, and a
The Apache Software Foundation and the Apache HTTP Server Project are
pleased to announce the release of version 2.2.21 of the Apache HTTP
Server (Apache). This version of Apache is principally a security
and bug fix release:
* SECURITY: CVE-2011-3348 (cve.mitre.org)
CVE-2017-9788: Uninitialized memory reflection in mod_auth_digest
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
all versions through 2.2.33 and 2.4.26
Description:
The value placeholder in [Proxy-]Authorization headers
of type 'Digest' was not initialized or
CVE-2017-9789: Read after free in mod_http2.c
Severity: Important
Vendor: The Apache Software Foundation
Versions Affected:
httpd 2.4.26
Description:
When under stress, closing many connections, the HTTP/2
handling code would sometimes access memory after it has
been freed, resulting in