Ubuntu
apache2 package

  1. Bug #1842701
  2. Comment #23

Comment 23 for bug 1842701

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apache2 - 2.4.18-2ubuntu3.13

---------------
apache2 (2.4.18-2ubuntu3.13) xenial-security; urgency=medium

  * SECURITY REGRESSION: mod_proxy balancer XSS/CSRF hardening broke
    browsers which change case in headers and breaks balancers
    loading in some configurations (LP: #1842701)
    - drop d/p/CVE-2019-10092-3.patch

 -- Steve Beattie <email address hidden> Mon, 16 Sep 2019 06:13:53 -0700