Het ontwikkelteam achter Apache heeft versie 2.0.51 van zijn HTTP server-software uitgebracht. Deze release is voornamelijk een bugfix-versie. Het volledige changelog is hier te vinden, maar dit zijn de belangrijkste bugs die zijn verholpen:
This version of Apache is principally a bug fix release. Of particular note is that 2.0.51 addresses five security vulnerabilities:
- An input validation issue in IPv6 literal address parsing which can result in a negative length parameter being passed to memcpy. [CAN-2004-0786]
- A buffer overflow in configuration file parsing could allow a local user to gain the privileges of a httpd child if the server can be forced to parse a carefully crafted .htaccess file. [CAN-2004-0747]
- A segfault in mod_ssl which can be triggered by a malicious remote server, if proxying to SSL servers has been configured. [CAN-2004-0751]
- A potential infinite loop in mod_ssl which could be triggered given particular timing of a connection abort. [CAN-2004-0748]
- A segfault in mod_dav_fs which can be remotely triggered by an indirect lock refresh request. [CAN-2004-0809][break]De volgende downloads zijn beschikbaar:
Broncode voor Win32 compilers
:strip_exif()/i/1248859594.gif?f=thumbmedium)
/u/20302/pc.png?f=community){kind=small}
:strip_exif()/u/14827/x.gif5.html.gif?f=community){kind=small}
/u/76039/crop57da9da8c9647_cropped.png?f=community){kind=small}
