Apache HTTP Server 2.2.22 Released
Submitted by securityadmin on
http://www.apache.org/dist/httpd/Announcement2.2.html
Six security issues were fixed in Apache 2.2.22, including information disclosure, privilege escalation and DoS vulnerabilities.
"SECURITY: CVE-2011-3368 (cve.mitre.org) Reject requests where the request-URI does not match the HTTP specification, preventing unexpected expansion of target URLs in some reverse proxy configurations.