AIX Open Source

AIX Open Source

Share your experiences and connect with fellow developers to discover how to build and manage open source software for the AIX operating system

 View Only
Back to discussions
Expand all | Collapse all

Apache HTTP Server 2.4.60 Released (Including a moderate mod_rewrite vulnerability patch)

  • 1.  Apache HTTP Server 2.4.60 Released (Including a moderate mod_rewrite vulnerability patch)

    Posted Mon July 01, 2024 09:26 AM

    Hi there

    FYI:

    Apache HTTP Server 2.4.60 was just released (Including a moderate mod_rewrite vulnerability patch)

    Severity: moderate

    Affected versions:

    - Apache HTTP Server 2.4.0 through 2.4.59

    Description:

    Potential SSRF in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an attacker to cause unsafe RewriteRules to unexpectedly setup URL's to be handled by mod_proxy.

    Users are recommended to upgrade to version 2.4.60, which fixes this issue.

    Thanks and kind regards,

    Stefano



    ------------------------------
    Stefano Calisto
    ------------------------------


  • 2.  RE: Apache HTTP Server 2.4.60 Released (Including a moderate mod_rewrite vulnerability patch)

    Posted Wed July 03, 2024 11:48 PM

    Hi everybody

    Apache just released another update to Version 2.4.61.

    Thanks and kind regards,

    Stefano



    ------------------------------
    Stefano Calisto
    ------------------------------

    Original Message


Related Content