The Apache Software Foundation has rushed out another update to the Apache 2.0 HTTP Server because of a significant denial-of-service vulnerability discovered and reported by security research firm iDefense. An announcement from the Foundation warned that prior Apache 2.0 versions . . .
The Apache Software Foundation has rushed out another update to the Apache 2.0 HTTP Server because of a significant denial-of-service vulnerability discovered and reported by security research firm iDefense. An announcement from the Foundation warned that prior Apache 2.0 versions through 2.0.44 contained a serious DoS flaw (define).

Details of the vulnerability have been embargoed until April 8, but the group wanted to issue a safe upgrade after an embarrassing incident last June, when a high-risk exploit was released on security mailing lists before a patch could be issued.

"No more specific information is disclosed at this time, but all Apache 2.0 users are encouraged to upgrade now," the ASF said. The two security flaws affect all platforms.

The link for this article located at InternetNews is no longer available.