On the mod_perl list it has been considered a DOS attack, and not an
exploit.
It's also only in Apache::PerlRun - so doesn't affect users using the more
popular Apache::Registry (was fixed mid-2000). Nor does it affect users
using pure-handlers.
I'd also point out that the release also fixes a handful of bugs that whilst
not urgent have been floating around since the last release back in Oct
2003.
Carl
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]