]> git.ipfire.org Git - ipfire-2.x.git/commit
projects / ipfire-2.x.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b5befbc) | patch
apache: Update to 2.4.61
authorMatthias Fischer <matthias.fischer@ipfire.org>
Fri, 5 Jul 2024 15:36:40 +0000 (17:36 +0200)
committerMichael Tremer <michael.tremer@ipfire.org>
Mon, 8 Jul 2024 15:31:17 +0000 (15:31 +0000)
commita96514a265a34c89fd7fc8d5a59833d723958dc9
tree302096e05d967d5fa187cf12f1417ac261e0da7ftree
parentb5befbc045d12b40cc904c60b91bd3047ec9865fcommit | diff
apache: Update to 2.4.61

For details see:
https://dlcdn.apache.org/httpd/CHANGES_2.4.61

"Changes with Apache 2.4.61

  *) SECURITY: CVE-2024-39884: Apache HTTP Server: source code
     disclosure with handlers configured via AddType (cve.mitre.org)
     A regression in the core of Apache HTTP Server 2.4.60 ignores
     some use of the legacy content-type based configuration of
     handlers.   "AddType" and similar configuration, under some
     circumstances where files are requested indirectly, result in
     source code disclosure of local content. For example, PHP
     scripts may be served instead of interpreted.
     Users are recommended to upgrade to version 2.4.61, which fixes
     this issue."

Signed-off-by: Matthias Fischer <matthias.fischer@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
lfs/apache2 diff | blob | blame | history
IPFire 2.x development tree