Security update to Apache

LWN.net has an advisory: “There are two vulnerabilities in the Apache web server as shipped
with Conectiva Linux.

1) Under certain configurations, the mod_rewrite module could be used
to access any file on the server, provided that filesystem access
rights permitted that. Now the mod_rewrite module makes a one-pass
expansion and is no longer vulnerable to this.

2) The other vulnerability is regarding the handling of Host: headers
in mass virtual hosting configurations. The check for dot (“.”)
charactes in that header was not complete and could permit access to
a parent directory.”

RELATED ARTICLESMORE FROM AUTHOR

Maintainer Confidential: Challenges and Opportunities One Year On

Bridging Design and Runtime Gaps: AsyncAPI in Event-Driven Architecture

Implementing OpenTelemetry Natively in an Event Broker

Innovation as a Catalyst in Telecommunications

Linux 6.8 Brings More Sound Hardware Support For Intel & AMD, Including The Steam Deck

RELATED ARTICLES MORE FROM AUTHOR