Apache 2.2.13 with Overflow Protection

Aug 11, 2009

With Apache 2.2.13, developers have closed security holes in the popular webserver.

A security bulletin reports problems concerning the Apache Portable Runtime (APR) and the Apache Portable Utility (APU). Both libraries were vulnerable to remote sources using integer overflow to launch “denial of service” attacks that could cause the application to crash. The execution of malicious code using the same external method was also a possibility.

The new version not only fixes the bug but also improves compatibility with test version 1.0.0 of OpenSSL. The changelog has a list of all changes. The
download webpage can be reached by following this link.

Related content

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More