“The Apache HTTP Web Server is the most widely deployed Web
server on the Internet today, which means that vulnerabilities in
the open source server can have a devastating impact. That also
makes security updates like the new 2.2.15 release critical, since
it addresses several security vulnerabilities in Apache’s flagship
HTTP Web server.“Chief among the new vulnerabilities is one flaw relating to a
broader SSL issue first disclosed in November 2009. That issue
involves a renegotiation flaw with TLS .“”Notably, this release was updated to reflect the OpenSSL
Project’s release 0.9.8m of the openssl library, and addresses
CVE-2009-3555, the TLS renegotiation prefix injection attack,”
Apache noted in a mailing list announcement.”
Multiple Apache Web Server Flaws Patched
By
Sean Michael Kerner
Get the Free Newsletter!
Subscribe to Developer Insider for top news, trends, & analysis