Apache Security Release Available
We would like to thank Mark Litchfield of ngssoftware.com for discovering and reporting the vulnerability.
We consider Apache 1.3.26 to be the best version of Apache 1.3 available and we strongly recommend that users of older versions, especially of the 1.1.x and 1.2.x family, upgrade as soon as possible. No further releases will be made in the 1.2.x family. Users should also consider upgrading to Apache 2.0 as soon as all of the modules they need become available for 2.0."
See Apache Web Server Security Alert and ISS for a complete summary.
The link for this article located at Apache Project is no longer available.