This bug was fixed in the package apache2 - 2.4.38-2ubuntu2.3
--------------- apache2 (2.4.38-2ubuntu2.3) disco-security; urgency=medium
* SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke browsers which change case in headers and breaks balancers loading in some configurations (LP: #1842701) - drop d/p/CVE-2019-10092-3.patch
-- Steve Beattie <email address hidden> Mon, 16 Sep 2019 05:36:25 -0700
This bug was fixed in the package apache2 - 2.4.38-2ubuntu2.3
---------------
apache2 (2.4.38-2ubuntu2.3) disco-security; urgency=medium
* SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke 2019-10092- 3.patch
browsers which change case in headers and breaks balancers
loading in some configurations (LP: #1842701)
- drop d/p/CVE-
-- Steve Beattie <email address hidden> Mon, 16 Sep 2019 05:36:25 -0700