whats new with hp Apache-based web server v.2.0.43?
HP Apache 2.0.43.00: This version of HP Apache is principally a security-fix and bug-fix release. All users are urged to upgrade immediately to this release. ———> • Apache 2.0.43: Addresses and fixes three security vulnerabilities in this release: • CAN-2002-0840: cross-site scripting vulnerability in the default error page when using wildcard DNS. • CAN-2002-1156: Prevent POST requests for CGI scripts from serving the source code when DAV is enabled on the location. This only affected Apache version 2.0.42. • CAN-2002-0843: possible overflows in ab.c which could be exploited by a malicious server. For more information about the security vulnerabilities, go to http://cve.mitre.org/, and search for: CAN-2002-0839, CAN-2002-1156, CAN-2002-0843 Highlights of enhancements and bug-fixes included in this release: • mod_cache fix. • mod_ssl dbm session cache support fix for mutex problem. • UserDir directive accepts list of directories, as in 1.3.x. • mod_cache’s CacheMaxStreamingBuffer