Hello, The description for security vulnerability CVE-2011-3192 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3192) notes that it applies to Apache HTTP Server 2.0.x through 2.0.64. A fix has been applied and available in the 2.2.x version, but currently there is not one for 2.0.x.
Is 2.0.x truly vulnerable and is there an estimated time when a fix will be available? Thank you, Bryan Laipple Software Engineer GENERAL DYNAMICS C4 Systems 8201 E. McDowell Road Scottsdale, AZ 85257 H8175-028 Office: 480-441-4064 bryan.laip...@gdc4s.com This message and/or attachments may include information subject to GDC4S S.P. 1.8.6 and GD Corporate Policy 07-105 and are intended to be accessed only by authorized recipients. Use, storage and transmission are governed by General Dynamics and its policies. Contractual restrictions apply to third parties. Recipients should refer to the policies or contract to determine proper handling. Unauthorized review, use, disclosure or distribution is prohibited. If you are not an intended recipient, please contact the sender and destroy all copies of the original message. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
