httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Taveras <d3taveras3...@gmail.com>
Subject [users@httpd] About apache2 vulnerability with apr and apr-utils. How bad is it?
Date Thu, 10 Sep 2009 23:05:56 GMT
Hello,

I run apache 2.2.9 & apache 2.2.11 both with  apr-1.2.11p2   &
apr-util-1.2.10p2


According to the CVE at
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2412  only  0.9.x and
1.3.x are affected .  Could anybody confirm that this is so? If not.. how
bad is this vulnerability to a user? Would mod_security help for this?

Thank you.

Mime
View raw message