| From: |
"Roderick Klein" <ecs-isp@2rosenthals.com> |
Full Headers
Undecoded message |
| Subject: |
Apache 2.4.49 zero day exploit... |
| Date: |
Tue, 05 Oct 2021 22:08:07 +0200 |
| To: |
eCS ISP Mailing List <ecs-isp@2rosenthals.com> |
|
|---|
On 2-10-21 11:42, Paul Smedley wrote:
Hi All,
The key changes with these is that apache2 has been updated to pull in
the socket functions from tcpip32.dll rather than so32dll.dll.
I don't expect this to make any significant differences in real life,
other than it slightly simplifies the build process.
https://smedley.id.au/tmp/php-8.0.9-os2-20211002.zip
https://smedley.id.au/tmp/httpd-2.4.49-os2-20211002-debug.zip
It seems this Apache version has a zero day exploit.
https://therecord.media/apache-fixes-actively-exploited-web-server-zero-day/
Roderick
|