This is a mirror of official site:

Apache 2.2.20 released to fix DoS vulnerability

| Wednesday, August 31, 2011
This afternoon the Apache Foundation released an awaited fix to the denial of service (DoS) vulnerability reported a few days ago.

The fixes in version 2.2.20 of the Apache httpd server reduce the amount of memory that is used by range requests. If the total bytes of a file requested exceed the total file size, httpd will return the entire file.

This follows closely on the heels of a tool released to the Full Disclosure mailing list this week that exploits the flaw.

Read more: Naked security

Posted via email from Jasper-net