The release of the Apache HTTP server 2.4.48 has been published (release 2.4.47 was skipped). It introduces 39 changes and eliminates 8 vulnerabilities:
- CVE-2021-30641 - incorrect section handling in 'MergeSlashes OFF' mode;
- CVE-2020-35452 - single null byte stack overflow in mod_auth_digest;
- CVE-2021-31618, CVE-2020-26691, CVE-2020-26690, CVE-2020-13950 - NULL pointer dereferences in mod_http2, mod_session and mod_proxy_http;
- CVE-2020-13938 - the ability for an unprivileged user to stop the httpd process on Windows;
- CVE-2019-17567 - protocol negotiation issues in mod_proxy_wstunnel and mod_proxy_http.
The most notable non-security changes are:
- Added the ProxyWebsocketFallbackToProxyHttp setting to mod_proxy_wstunnel to disable the switch to using mod_proxy_http for WebSocket.
- The core server API now includes SSL-related functions that are available without the mod_ssl module (for example, allowing the mod_md module to provide keys and certificates).
- Processing of OCSP (Online Certificate Status Protocol) responses has been moved from mod_ssl/mod_md to the core, which allows other modules to access OCSP data and generate OCSP responses.
- mod_md allows masks in MDomain directives, for example "MDomain *.host.net". The MDPrivateKeys directive allows several key types to be specified, for example "MDPrivateKeys secp384r1 rsa2048" allows both ECDSA and RSA certificates to be used. Support for the ACMEv1 protocol has been discontinued.
- Added Lua 5.4 support to mod_lua.
- Updated version of the mod_http2 module. Error handling has been improved. Added the 'H2OutputBuffering on/off' option to control output buffering (enabled by default).
- The mod_dav_FileETag directive implements a "Digest" mode that generates the ETag from a checksum of the file's contents.
- mod_proxy allows the use of ProxyErrorOverride to be limited to specific status codes.
- New directives ReadBufferSize, FlushMaxThreshold and FlushMaxPipelined have been implemented.
- mod_rewrite implements handling of the SameSite attribute when processing the [CO] (cookie) flag in RewriteRule directives.
- Added the check_trans hook to mod_proxy to reject requests at an early stage.
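
A configuration sketch combining three of the changes listed above (mod_md wildcards with mixed key types, ProxyErrorOverride limited to specific codes, and SameSite on the [CO] flag). This is an added example, not taken from the Apache project or the original article; the host names, backend address, cookie name and hook script path are placeholders.

```apache
# Added example. Assumes httpd 2.4.48 with mod_md, mod_ssl, mod_proxy,
# mod_proxy_http and mod_rewrite loaded. All names and paths are placeholders.

# mod_md: a wildcard name with one ECDSA and one RSA key/certificate pair.
# Wildcard names are validated only through the ACME dns-01 challenge, so a
# DNS update script has to be configured (hypothetical path below).
MDCertificateAgreement accepted
MDChallengeDns01 /usr/local/bin/acme-dns-hook
MDPrivateKeys secp384r1 rsa2048
MDomain host.net *.host.net

<VirtualHost *:443>
    ServerName www.host.net
    SSLEngine on

    # Replace only these backend error statuses with local ErrorDocument
    # pages, so backend error bodies (stack traces, version banners) do not
    # reach clients, while other responses such as an application 404 are
    # passed through unchanged.
    ProxyErrorOverride On 500 502 503 504
    ErrorDocument 500 /errors/50x.html
    ErrorDocument 502 /errors/50x.html
    ErrorDocument 503 /errors/50x.html
    ErrorDocument 504 /errors/50x.html

    # Serve the local error pages from this host, not from the backend.
    ProxyPass        "/errors/" "!"
    ProxyPass        "/" "http://127.0.0.1:8080/"
    ProxyPassReverse "/" "http://127.0.0.1:8080/"

    # [CO] field order:
    #   name:value:domain:lifetime(minutes):path:secure:httponly:samesite
    # Before 2.4.47 the last field did not exist, so a cookie set this way
    # carried no SameSite attribute:
    #   RewriteRule "^/login$" "-" [CO=seen_login:1:www.host.net:30:/:secure:httponly]
    RewriteEngine On
    RewriteRule "^/login$" "-" [CO=seen_login:1:www.host.net:30:/:secure:httponly:Strict]
</VirtualHost>
```

Running `apachectl configtest` after adding the directives confirms that the installed build recognizes them; an older httpd rejects the extra ProxyErrorOverride arguments.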
Source: opennet.ru