I’m not sure if this is what is referred to in the Apache 2.4.29 announcement,
but please note that the Apache Portable Runtime v1.6.3 release resolved memory
safety issues I found in functions used within HTTP server. This was released
in conjunction with 2.4.29.
Using HTTP server linked to prior versions of APR exposes the risks outlined in
my email sent to this list on Monday.
Best Regards,
Craig
On 10/25/17, 1:05 PM, "Development Manager" <devmana...@speedlinesolutions.com>
wrote:
The 2.4.29 changes document doesn't reference any CVE articles, though the
announcement indicates that this is a security release. Are any of the 2.4.29
changes security related?
Thanks,
Jim
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
