Date:  Sat, 10 Aug 2002 07:10:45 -0400
From:  madodelatptdprolog.net
Subject:  [VOICENWS] SW: Serious Vulnerability in Apache 2.0

From: "Rob M" <robathyperforce.com> 

On August 7, the Apache Software Foundation was notified of a significant
vulnerability that affects the Win32, OS/2, and Netware ports of Apache
2.0. It has the potential to allow an attacker to inflict serious damage
to a server and/or reveal sensitive data on those platforms. To fix this
vulnerability in addition to a number of cross-platform issues (a pair of
path exposures and a number of bugs), Apache 2.0.40 has been released. It
is considered the best currently available version of Apache, and all
users are urged to upgrade.

Security bulletin:
http://httpd.apache.org/info/security_bulletin_20020809a.txt  

A workaround is detailed in the above security bulletin.  

Apache 2.0.40 for OS/2:
http://www.apache.org/dist/httpd/binaries/os2/httpd-2.0.40-os2.zip

Apache/2 URL: http://www.apache.org/~bjh/apache2/ 

Sent via OS2.org online news formular.

                           

-- 

To unsubscribe yourself from this list, send the following message
to majormajoratos2voice.org

     unsubscribe news
     end

If you have an announcement you would like posted to the VOICE 
News list, please send it to submitatos2voice.org. Please include a 
valid reply address and a real contact name.  If you wish to comment
on this post, please reply to feedbackatos2voice.org