Ubuntu
apache2 package

  1. Bug #1842701
  2. Comment #25

Comment 25 for bug 1842701

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apache2 - 2.4.38-2ubuntu2.3

---------------
apache2 (2.4.38-2ubuntu2.3) disco-security; urgency=medium

  * SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke
    browsers which change case in headers and breaks balancers
    loading in some configurations (LP: #1842701)
    - drop d/p/CVE-2019-10092-3.patch

 -- Steve Beattie <email address hidden> Mon, 16 Sep 2019 05:36:25 -0700