Well just come out with it Apache
So yesterday, I read bugtraq, as I always do. Not much in there to get me excited. I read news.com today and they have a headline "Apache patch to thwart DoS attack". I look at todays bugtraq, nothing. I wonder what's up. I search bugtraq. There was a release announcement yesterday and no other announcements since February 18th. I opened the Release announcement and it in the middle of the software release announcement. It stated in the third and fourth paragraphs about the general vulnerablities:
Prior Apache 2.0 versions through 2.0.44 had a significant Denial of Service vulnerability that was identified and reported by David Endler , and fixed with this release. The specific details of this issue will be published by David Endler one week from this release, on April 7th. No more specific information is disclosed at this time, but all Apache 2.0 users are encouraged to upgrade now. [http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0132]

Way to go Lars Eilebrecht.
Cnet story here, bugtaq announcement here.

posted by tommEE  # 4/03/2003 05:03:00 PM
Comments: Post a Comment



<< Home

archives


This page is powered by Blogger. Isn't yours?