Linux Today: Linux News On Internet Time.





More on LinuxToday


Multiple Apache Web Server Flaws Patched

Mar 09, 2010, 19:36 (0 Talkback[s])
(Other stories by Sean Michael Kerner)

"The Apache HTTP Web Server is the most widely deployed Web server on the Internet today, which means that vulnerabilities in the open source server can have a devastating impact. That also makes security updates like the new 2.2.15 release critical, since it addresses several security vulnerabilities in Apache's flagship HTTP Web server.

"Chief among the new vulnerabilities is one flaw relating to a broader SSL issue first disclosed in November 2009. That issue involves a renegotiation flaw with TLS .

""Notably, this release was updated to reflect the OpenSSL Project's release 0.9.8m of the openssl library, and addresses CVE-2009-3555, the TLS renegotiation prefix injection attack," Apache noted in a mailing list announcement."

Complete Story

Related Stories: