URL regular expression DoS (CVE-2007-1349)
A flaw was discovered in the Apache::PerlRun module shipped with
mod_perl 1.29 and earlier and in the ModPerl::RegistryCooker module shipped with
mod_perl 2.03 and earlier. A remote attacker could craft a URL with a path that
would be interpreted as a regular expression, potentially allowing a
denial of service by creating an expression that will take a very long
time to run. This vulnerability only affects Apache::PerlRun and
custom subclasses of ModPerl::RegistryCooker that explicitly use the
namespace_from_uri() method. The Apache::Registry, ModPerl::PerlRun,
and ModPerl::Registry modules are NOT affected.
Users of mod_perl 1.29 and earlier are encouraged to upgrade to 1.30 if they use Apache::PerlRun for their applications. Users of mod_perl 2.03 are encouraged to check their custom code for calls to the namespace_from_uri() method and replace it with the namespace_from_filename() method.
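The class of bug described above, as an added example (not code from mod_perl): a request-derived path is interpolated into a pattern, so its characters act as regex syntax instead of literal text. The helper names and sample requests are hypothetical and constructed for illustration.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Hypothetical helpers (not mod_perl source): derive the script part of a URI
# by removing the trailing PATH_INFO, as a URI-based namespace would need to.

# Unsafe: $path_info is request-controlled and gets compiled as a pattern.
sub strip_path_info_unsafe {
    my ($uri, $path_info) = @_;
    (my $script = $uri) =~ s/$path_info$//;
    return $script;
}

# Safe: \Q...\E (quotemeta) turns every character into a literal.
sub strip_path_info_quoted {
    my ($uri, $path_info) = @_;
    (my $script = $uri) =~ s/\Q$path_info\E$//;
    return $script;
}

# Safe without any regex: compare and cut the literal suffix.
sub strip_path_info_substr {
    my ($uri, $path_info) = @_;
    my $len = length $path_info;
    return $uri unless $len && $len <= length($uri)
        && substr($uri, -$len) eq $path_info;
    return substr($uri, 0, length($uri) - $len);
}

# Constructed sample requests: [URI, PATH_INFO]
my @samples = (
    ['/perl/app.pl/extra', '/extra'],  # plain text: all three agree
    ['/perl/app.pl/a+b',   '/a+b'],    # '+' read as a quantifier: no match
    ['/perl/app.pl/x(y',   '/x(y'],    # unbalanced '(': pattern will not compile
);

for my $s (@samples) {
    my ($uri, $pi) = @$s;
    # eval traps the run-time compile error raised by the third sample
    my $unsafe = eval { strip_path_info_unsafe($uri, $pi) };
    $unsafe = 'died: bad pattern' unless defined $unsafe;
    printf "%-20s unsafe=%-20s quoted=%-14s substr=%s\n",
        $uri, $unsafe, strip_path_info_quoted($uri, $pi),
        strip_path_info_substr($uri, $pi);
}
```

When auditing custom handlers, look for any match or substitution that interpolates URI, PATH_INFO or other request data without \Q...\E or quotemeta().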
Please note!
mod_perl-1.24_01.tar.gz or later is required for Apache >= 1.3.14.
Name Last modified Size Description
KEYS 2012-05-16 06:19 39K Developer PGP/GPG keys
contrib/ 1999-02-25 23:42 -
mod_perl-1.0-current.tar.gz 2009-05-13 02:23 381K
mod_perl-1.0-current/ 2009-05-12 02:04 -
mod_perl-1.1-current.tar.gz.asc 2009-05-13 02:30 194 PGP signature
mod_perl-1.31.tar.gz 2009-05-13 02:23 381K
mod_perl-1.31.tar.gz.asc 2009-05-13 02:30 194 PGP signature
mod_perl-1.31/ 2009-05-12 02:04 -
mod_perl-2.0-current.tar.gz 2012-04-25 15:24 3.6M
mod_perl-2.0-current.tar.gz.asc 2012-04-25 15:33 495 PGP signature
mod_perl-2.0-current/ 2012-04-25 05:31 -
mod_perl-2.0.5.tar.gz 2011-02-07 23:17 3.6M
mod_perl-2.0.5.tar.gz.asc 2011-02-07 23:32 487 PGP signature
mod_perl-2.0.5/ 2011-02-07 22:13 -
mod_perl-2.0.6.tar.gz 2012-04-25 15:24 3.6M
mod_perl-2.0.6.tar.gz.asc 2012-04-25 15:33 495 PGP signature
mod_perl-2.0.6/ 2012-04-25 05:31 -
win32-bin/ 2011-07-19 05:01 -