Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: 2.4.13 release date and CVE-2015-0228 DOS attack |
|
| Author |
|
jsloey
Joined: 28 Oct 2014
Posts: 1
Location: Cape Coral
|
 Posted: Wed 27 May '15 17:42 Post subject: 2.4.13 release date and CVE-2015-0228 DOS attack |
 |
|
We ran a scan on our system using Critical Watch and failed due to a denial of service attack exploit in 2.4.12 identified as "CVE-2015-0228 - Apache - HTTP Server - Denial of Service Issue".
The recommendation was to use version 2.4.13
Any idea when 2.4.13 will be released?
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0228 |
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7298
Location: Germany, Next to Hamburg
|
| Posted: Wed 27 May '15 18:24 Post subject: |
|
|
| That applies only if you use mod_lua. Otherwise is it a false positive. |
|
| Back to top |
|
|
|
|
|
|
