General News

Apache released patch for Range Byte Flaw

Apache have released Patch for the recent range bytes request flaw which we published few days ago. This patch fix the Security flaw and

Change Log :

SECURITY: CVE-2011-3192 ( core: Fix handling of byte-range requests
to use less memory, to avoid denial of service. If the sum of all ranges in a
request is larger than the original file, ignore the ranges and send the complete
file. PR 51714.

You can download latest stable release here

If you are running CEntOS, you can update it in this way;

Check update using Yum Utility
yum check-update httpd

Install it
yum update httpd

If don’t want to update it, you can see this post for mitigation techniques.

One reply on “Apache released patch for Range Byte Flaw”

Comments are closed.