Advisories ยป MGAA-2023-0033

Updated apache packages fix various bugs

Publication date: 15 Apr 2023
Type: bugfix
Affected Mageia releases : 8


Changes with Apache 2.4.57
mod_proxy: Check before forwarding that a nocanon path has not been
rewritten with spaces during processing. [Yann Ylavic]
mod_proxy: In case that AllowEncodedSlashes is set to NoDecode do not
double encode encoded slashes in the URL sent by the reverse proxy to the
backend. [Ruediger Pluem]
mod_http2: fixed a crash during connection termination. See PR 66539.
[Stefan Eissing]
mod_rewrite: Fix a 2.4.56 regression for substitutions ending in a
question mark. PR66547. [Eric Covener]
mod_rewrite: Add "BCTLS" and "BNE" RewriteRule flags. Re-allow encoded
characters on redirections without the "NE" flag. [Yann Ylavic, Eric
mod_proxy: Fix double encoding of the uri-path of the request forwarded
to the origin server, when using mapping=encoded|servlet.  [Yann Ylavic]
mod_mime: Do not match the extention against possible query string
parameters in case ProxyPass was used with the nocanon option. [Ruediger