Mandriva Linux Security Advisory - A vulnerability was discovered in the mod_proxy module in Apache where it did not limit the number of forwarded interim responses, allowing remote HTTP servers to cause a denial of service (memory consumption) via a large number of interim responses. A cross-site scripting vulnerability was found in the mod_proxy_ftp module in Apache that allowed remote attackers to inject arbitrary web script or HTML via wildcards in a pathname in an FTP URI. The updated packages have been patched to prevent these issues.
eefcd7affcefc029018a74894afb697590a6b4c89f838d1f022b84f5df80b7af