Topics
Tags
Favorite Links
Translate
Pick Your Language
Security Books
Archives
Recent entries...
Twitter
Sponsored Ads
Popular Pages
Sponsored Ads
The Web Security Mailing List

« Nikto version 2.1.1 released | Main | Larry Suto Web Application Security Scanner Comparison Report Inaccurate Vendors Say »

R.I.P. Apache 1.x: Apache 1.3.42 marks of end life

The latest version of Apache 1.3.42 is the last 1.3 version of Apache that will be released. I admit I've been running 1.3 for ages now due to it being rock solid and having a decent security track record. The announcement states that security patches 'may be available' at http://www.apache.org/dist/httpd/patches/ but consider this the time to finally upgrade to 2.x.

"This version of Apache is is principally a bug and security fix release. The following moderate security flaw has been addressed:

  • CVE-2010-0010: mod_proxy: Prevent chunk-size integer overflow on platforms where sizeof(int) < sizeof(long). Reported by Adam Zabrocki." - Apache

Announcement: http://www.apache.org/dist/httpd/Announcement1.3.html

Posted by Robert A. on 02/03/2010 in Announcements , IndustryNews | Permalink | Reddit

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.


All Comments are Moderated and will be delayed!



I continue to use Apache/1.3 on my home web server. I use the prefork model anyways so upgrading would not give me the performance boost of Apache2.0/2.2 with worker mpm. Apache 1.3 is compact and super fast to compile.

Posted by: Werner | Jun 11, 2010 9:17:01 AM

Post a comment







Remember personal info?


Copyright 2000-2009 CGISecurity.com | Privacy Policy| java mailing list| resolve ip| Mailing Lists | Sony deals