Apache HTTP Server 2.2.27 发布,该版本主要是安全维护版本,包括:
CVE-2014-0098 (cve.mitre.org)
Segfaults with truncated cookie logging.
mod_log_config: Prevent segfaults when logging truncated
cookies. Clean up the cookie logging parser to recognize
only the cookie=value pairs, not valueless cookies.
CVE-2013-6438 (cve.mitre.org)
mod_dav: Keep track of length of cdata properly when removing
leading spaces. Eliminates a potential denial of service from
specifically crafted DAV WRITE requests
下载地址:http://mirror.bit.edu.cn/apache//httpd/httpd-2.2.27.tar.gz
来自:开源中国社区
