Hi I would like to confirm whether the following issues are fixed in Apache HTTP server 2.2.29 or not? ====================== Description of vulnerabilities Multiple vulnerabilities have been reported in Apache HTTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
1) An error within the mod_cgid module when handling certain input can be exploited to cause a hang of a child process. 2) An error within WinNT MPM can be exploited to trigger a memory leak by sending specially crafted requests. Successful exploitation requires the server is configured using the default AcceptFilter setting. Note: This vulnerability only affects Apache HTTP Server running on Windows NT operating systems. 3) An error when handling HTTP headers within the mod_proxy module can be exploited to cause a crash of the worker by sending a specially crafted request. Successful exploitation requires the server to be configured as a reverse proxy. 4) An error when within mod_deflate module can be exploited to consume memory and CPU resources. Successful exploitation requires the server to be configured to use request body decompression. The vulnerabilities are reported in 2.4.x versions prior to 2.4.9 and 2.2.x versions prior to 2.2.27 and 2.x versions prior to 2.0.65 ====================== Pl. confirm me ASAP. Thanks Kesavan Sengodan
