************************************************************** Net Happenings - From Educational CyberPlayGround ************************************************************** Apache Rushes to Fix Serious DoS Hole The Apache Software Foundation has released a patch for a denial-of-service vulnerability discovered by cybersecurity firm iDefense. The 2.0.45 release also eliminates leaks of file descriptors to child processes, which would constitute a security threat on servers running untrusted CGIs. Details of the flaw will not be release until April 8, 2003. This follows an embarrassing incident in June 2002, when ISS published an exploit before notifying Apache or allowing time for Apache to develop a patch. Apache urges its users to upgrade immediately, before the details are released on April 8. http://www.internetnews.com/dev-news/article.php/2174351 ************************************************************** The Net Happenings mailing list is a service of Educational CyberPlayGround - http://www.edu-cyberpg.com/ ************************************************************** If you have any questions, concerns, suggestions, or would like to sponsor the Net Happenings service - <http://www.edu-cyberpg.com/Community/Subguidelines.html> Subscribe | Unsubscribe | Change Email Preferences - <http://www.edu-cyberpg.com/Community/NetHappenings.html> **************************************************************