Apache HTTP Server 2.2.10 Released

This afternoon I upgraded the servers that run the Drudge Retort and SportsFilter to Apache 2.2.10, a minor upgrade released on Oct. 15 that fixes a cross-site scripting (XSS) vulnerability in FTP URLs discovered by Marc Bevand of the network security company Rapid 7.

The rest of the changes in the new version look like minor bug fixes.

I compile the Apache web server from source code on both servers, a process that was difficult the first time around but has been easy since then. After I download a new version, I upgrade with three commands:

  1. ./configure --prefix=/usr/local/apache2 --enable-rewrite --enable-so
  2. make
  3. make install

Add a Comment

These HTML tags are permitted: <p>, <b>, <i>, <a>, and <blockquote>. A comment may not include more than three links. This site is protected by reCAPTCHA (for which the Google Privacy Policy and Terms of Service apply).