Mandrake Security Advisory MDVSA-2009:102 (apache)

The remote host is missing an update to apache announced via advisory MDVSA-2009:102.
To upgrade automatically use MandrakeUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
A vulnerability has been found and corrected in apache: mod_proxy_ajp.c in the mod_proxy_ajp module in the Apache HTTP Server 2.2.11 allows remote attackers to obtain sensitive response data, intended for a client that sent an earlier POST request with no request body, via an HTTP request (CVE-2009-1191). This update provides fixes for that vulnerability. Affected: 2009.1