httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michele Mase'" <michele.m...@gmail.com>
Subject [users@httpd] CVE-2014-0226 vulnerability: mod_status.so was no longer ABI-compatible
Date Fri, 01 Aug 2014 07:31:14 GMT
After applying some vendor's patches (redhat and ubuntu), mod_status was
broken; as a workaround, disabling it solves the issue

Issue solved:
#LoadModule status_module modules/mod_status.so
#ExtendedStatus On

Issue is present:
LoadModule status_module modules/mod_status.so
ExtendedStatus On

Is it a vendor's related problem or is it apache's one?

Some suggestions?


ref. links:
https://rhn.redhat.com/errata/RHSA-2014-0920.html #bug is present
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1349288 #bug is present

Regards

Michele MAsè

Mime
View raw message