This download page includes only the sources to compile and build mod_perl yourself with the proper tools. To download a precompiled distribution for your platform please see here.
A flaw was discovered in the Apache::PerlRun module shipped with mod_perl 1.29 and earlier and in the ModPerl::RegistryCooker module shipped with mod_perl 2.03 and earlier. A remote attacker could craft a URL with a path that would be interpreted as a regular expression, potentially allowing a denial of service by creating an expression that will take a very long time to run. This vulnerability only affects Apache::PerlRun and custom subclasses of ModPerl::RegistryCooker that explicitly use the namespace_from_uri() method. The Apache::Registry, ModPerl::PerlRun, and ModPerl::Registry modules are NOT affected.
Users of mod_perl 1.29 and earlier are encouraged to upgrade to 1.30 if they use Apache::PerlRun for their applications. Users of mod_perl 2.03 are encouraged to check their custom code for calls to the namespace_from_uri() method and replace it with the namespace_from_filename() method./perl/
|File Name ↓||File Size ↓||Date ↓|
|mod_perl-1.31.tar.gz||380.8 KiB||2020-Jul-06 14:23|
|mod_perl-2.0.11.tar.gz||3.7 MiB||2020-Jul-06 14:23|