• Kazuhiko Shiozaki's avatar
    version up : Apache HTTP Server 2.2.21 including severay security fixes. · a2d8de8e
    Kazuhiko Shiozaki authored
    * SECURITY: CVE-2011-3348 mod_proxy_ajp when combined with mod_proxy_balancer: Prevents unrecognized HTTP methods from marking ajp: balancer members in an error state, avoiding denial of service.
    * SECURITY: CVE-2011-3192 core: Further fixes to the handling of byte-range requests to use less memory, to avoid denial of service. This patch includes fixes to the patch introduced in release 2.2.20 for protocol compliance, as well as the MaxRanges directive.
    a2d8de8e
buildout.cfg 5.08 KB