On 06/27/2013 12:02 PM, Gerald Waugh wrote:
> Apache HTTP Server Overlapping Byte-Range Denial of Service
>
> Apache HTTP Server version 2.2.20 has been released to address this
> issue, though many vendors (Redhat,
> Debian, etc) have also backported fixes to address the problem.
>
> Does anyone know if this is fixed in 2.2.15 ?
>
>

This was fixed in httpd-2.2.15-9.sl6.2

Pat

-- 
Pat Riehecky

Scientific Linux developer
http://www.scientificlinux.org/