Mailing List ecs-isp@2rosenthals.com Archived Message #360 previous message next message back to list

From: "Roderick Klein" <ecs-isp@2rosenthals.com> Full Headers
Undecoded message
Subject: Apache 2.4.49 zero day exploit...
Date: Tue, 05 Oct 2021 22:08:07 +0200
To: eCS ISP Mailing List <ecs-isp@2rosenthals.com>

On  2-10-21 11:42, Paul Smedley wrote:

Hi All,

The key changes with these is that apache2 has been updated to pull in
the socket functions from tcpip32.dll rather than so32dll.dll.

I don't expect this to make any significant differences in real life,
other than it slightly simplifies the build process.

https://smedley.id.au/tmp/php-8.0.9-os2-20211002.zip
https://smedley.id.au/tmp/httpd-2.4.49-os2-20211002-debug.zip

It seems this Apache version has a zero day exploit.

https://therecord.media/apache-fixes-actively-exploited-web-server-zero-day/

Roderick
Subscribe: Feed, Digest, Index.
Unsubscribe
Mail to ListMaster