{"id":678,"date":"2011-09-10T23:08:43","date_gmt":"2011-09-11T03:08:43","guid":{"rendered":"http:\/\/mrhost.ca\/system\/?p=678"},"modified":"2011-09-10T23:11:35","modified_gmt":"2011-09-11T03:11:35","slug":"apache-2-2-20-upgrade","status":"publish","type":"post","link":"https:\/\/mrhost.ca\/system\/2011\/09\/apache-2-2-20-upgrade\/","title":{"rendered":"Apache 2.2.20 Upgrade"},"content":{"rendered":"<p>This evening, all Mr.Host web servers were upgraded to Apache 2.2.20.<\/p>\n<p>This version is principally a security\u00a0(<a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2011-3192\" target=\"_blank\">CVE-2011-3192<\/a>)\u00a0and bugfix release .<\/p>\n<p>Changes with Apache 2.2.20<\/p>\n<ul>\n<li>SECURITY: CVE-2011-3192 (cve.mitre.org) core: Fix handling of byte-range requests to use less memory, to avoid denial of service. If the sum of all ranges in a request is larger than the original file, ignore the ranges and send the complete file. PR 51714. [Stefan Fritsch, Jim Jagielski, Ruediger Pluem, Eric Covener]<\/li>\n<li>mod_authnz_ldap: If the LDAP server returns constraint violation, don&#8217;t treat this as an error but as &#8220;auth denied&#8221;. [Stefan Fritsch]<\/li>\n<li>mod_filter: Fix FilterProvider conditions of type &#8220;resp=&#8221; (response headers) for CGI. [Joe Orton, Rainer Jung]<\/li>\n<li>mod_reqtimeout: Fix a timed out connection going into the keep-alive state after a timeout when discarding a request body. PR 51103. [Stefan Fritsch]<\/li>\n<li>core: Do the hook sorting earlier so that the hooks are properly sorted for the pre_config hook and during parsing the config. [Stefan Fritsch]<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>This evening, all Mr.Host web servers were upgraded to Apache 2.2.20. This version is principally a security\u00a0(CVE-2011-3192)\u00a0and bugfix release . Changes with Apache 2.2.20 SECURITY: CVE-2011-3192 (cve.mitre.org) core: Fix handling of byte-range requests to use less memory, to avoid denial of service. If the sum of all ranges in a request is larger than the [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[13,4,3],"tags":[],"_links":{"self":[{"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/posts\/678"}],"collection":[{"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/comments?post=678"}],"version-history":[{"count":5,"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/posts\/678\/revisions"}],"predecessor-version":[{"id":682,"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/posts\/678\/revisions\/682"}],"wp:attachment":[{"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/media?parent=678"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/categories?post=678"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/tags?post=678"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}