bipụtara ntọhapụ nke sava Apache HTTP 2.4.43 (mwepụta 2.4.42 ka awụsara), nke webatara 34 mgbanwe ma kpochapụ 3 adịghị ike:
CVE-2020-1927: adịghị ike na mod_rewrite nke na-enye ohere iji ihe nkesa na-ebuga arịrịọ na akụrụngwa ndị ọzọ (mepee redirect). Ụfọdụ mod_rewrite ntọala nwere ike ime ka ezigara onye ọrụ gaa na njikọ ọzọ, tinye akara site na iji mkpụrụedemede ọhụrụ n'ime oke ejiri na redirect dị ugbu a.
CVE-2020-1934: adịghị ike na mod_proxy_ftp. Iji ụkpụrụ enweghị mmalite nwere ike iduga n'ike ebe nchekwa mgbe ị na-arịọ arịrịọ na sava FTP na-achịkwa onye mwakpo.
Ntupu ebe nchekwa na mod_ssl nke na-eme mgbe ị na-ekekọta arịrịọ OCSP.
Mgbanwe ndị kacha ama ama na-abụghị nchekwa bụ:
agbakwunyere modul ọhụrụ mod_sistemu, nke na-enye ntinye aka na njikwa sistemu sistemu. Modul ahụ na-enye gị ohere iji httpd na ọrụ nwere ụdị "Ụdị = ngosi".
agbakwunyere nkwado mkpokọta na apxs.
Ike nke modul mod_md, nke ọrụ Let's Encrypt rụpụtara iji megharịa nnata na nhazi nke asambodo site na iji protocol ACME (Automatic Certificate Management Environment), agbasawanye:
Agbakwunyere ntuziaka MDContactEmail, site na nke ị nwere ike ezipụta ozi-e kọntaktị na-anaghị agafe na data sitere na ntuziaka ServerAdmin.
Maka ndị ọbịa niile mepere emepe, nkwado maka protocol ejiri mgbe ị na-akparịta ụka maka ọwa nzikọrịta ozi echedoro ("tls-alpn-01") enwetara nkwenye.
Kwe ka mod_md ntụziaka ka-eji na ngọngọ Na .
Gbaa mbọ hụ na edegharịrị ntọala ndị gara aga mgbe ị na-eji MDCChallenges.
Agbakwunyere ikike ịhazi url maka CTlog Monitor.
Maka iwu akọwapụtara na ntuziaka MDmessageCmd, oku nwere arụmụka “arụnyere” ka a na-enye mgbe ị na-arụ ọrụ asambodo ọhụrụ ka emegharịrị ihe nkesa (dịka ọmụmaatụ, enwere ike iji ya detuo ma ọ bụ tụgharịa asambodo ọhụrụ maka ngwa ndị ọzọ).
mod_proxy_hcheck agbakwunyere nkwado maka ihe nkpuchi%{Ọdịnaya-Ụdị} n'okwu nlele.
Agbakwunyela kukiSameSite, kukiHTTPO naanị na ụdị kukiSecure na mod_usertrack iji hazie nhazi kuki onye ọrụ.
mod_proxy_ajp na-emejuputa nhọrọ "nzuzo" maka ndị na-ahụ maka proxy iji kwado protocol nyocha AJP13.
Nhazi agbakwunyere maka OpenWRT.
Nkwado agbakwunyere na mod_ssl maka iji igodo nzuzo na asambodo sitere na OpenSSL ENGINE site na ịkọwa PKCS#11 URI na SSLCertificateFile/KeyFile.
Nnwale etinyere n'ọrụ site na iji usoro ntinye aka na-aga n'ihu Travis CI.
Ntụle nke ngbanwe-ngbanwe nkụnye eji isi mee ka ike sie ike.
mod_ssl na-enye mkparịta ụka protocol TLS n'ihe metụtara ndị ọbịa mebere (akwadoro mgbe ejiri OpenSSL-1.1.1+ rụọ ya.
Site n'iji hashing maka tebụl iwu, malitegharịa na ọnọdụ "mara mma" na-emewanyewanye (na-akwụsịghị ndị nhazi ajụjụ).
Tebụl ndị a na-agụ naanị agbakwunyere r: headers_in_table, r: headers_out_table, r:err_headers_out_table, r: note_table na r: subprocess_env_table ka mod_lua. Kwe ka e kenye tebụl uru "nil".
Na mod_authn_socache abawanyela oke nke ahịrị cache site na 100 ruo 256.