Apache v.2.4.25 release

Posted on Posted in Apache

Decription: New version of Apache web server has been announsed resently. This release includes fixes for a number of known vulnerabilities.

Changes:

  • Apache HTTP Request Parsing Whitespace Defects
  • HTTP/2 CONTINUATION denial of service
  • DoS vulnerability in mod_auth_digest
  • Padding Oracle in Apache mod_session_crypto
  • HTTP_PROXY environment variable "httpoxy" mitigation

Affected versions: 2.4.x

Recommended action: Upgrade to the version 2.4.25

Origin URLs:

Leave a Reply

Your email address will not be published. Required fields are marked *