“The Apache Software Foundation and the Apache HTTP Server
Project are pleased to announce the release of version 2.2.20 of
the Apache HTTP Server (“Apache”). This version of Apache is
principally a security and bug fix release:SECURITY: CVE-2011-3192 (cve.mitre.org) core: Fix handling of
byte-range requests to use less memory, to avoid denial of service.
If the sum of all ranges in a request is larger than the original
file, ignore the ranges and send the complete file. PR 51714.We consider this release to be the best version of Apache
available, and encourage users of all prior versions to
upgrade.
Apache HTTP Server 2.2.20 Released
By
Get the Free Newsletter!
Subscribe to Developer Insider for top news, trends, & analysis