Apache HTTP server 2.4.48 has been released (release 2.4.47 was skipped). It introduces 39 changes and fixes 8 vulnerabilities:
- CVE-2021-30641 - incorrect section handling in 'MergeSlashes OFF' mode;
- CVE-2020-35452 - a single null byte stack overflow in mod_auth_digest;
- CVE-2021-31618, CVE-2020-26691, CVE-2020-26690, CVE-2020-13950 - NULL pointer dereferences in mod_http2, mod_session and mod_proxy_http;
- CVE-2020-13938 - the ability for an unprivileged user to stop the httpd process on Windows;
- CVE-2019-17567 - protocol negotiation issues in mod_proxy_wstunnel and mod_proxy_http.
The most notable non-security changes are:
- Added the ProxyWebsocketFallbackToProxyHttp setting to mod_proxy_wstunnel to disable the switch to using mod_proxy_http for WebSocket.
- The core server API now includes SSL-related functions that are available without the mod_ssl module (for example, allowing the mod_md module to provide keys and certificates).
- Processing of OCSP (Online Certificate Status Protocol) responses has been moved from mod_ssl/mod_md into the core, which allows other modules to access OCSP data and generate OCSP responses.
- mod_md allows the use of wildcard masks in MDomains directives, for example, "MDomain *.host.net". The MDPrivateKeys directive allows specifying different key types, for example "MDPrivateKeys secp384r1 rsa2048" allows the use of ECDSA and RSA certificates. Support for the legacy ACMEv1 protocol is provided.
- Added Lua 5.4 support to mod_lua.
- Updated the mod_http2 module version. Bugs have been fixed. Added the 'H2OutputBuffering on/off' option to control output buffering (enabled by default).
- The mod_dav_FileETag directive implements the "Digest" mode for generating an ETag based on a hash of the file contents.
- mod_proxy allows restricting the use of ProxyErrorOverride to specific status codes.
- New directives ReadBufferSize, FlushMaxThreshold and FlushMaxPipelined have been implemented.
- mod_rewrite implements handling of the SameSite attribute when setting the [CO] (cookie) flag in the RewriteRule directive.
- Added the check_trans hook to mod_proxy to reject requests at an early stage.
Source: opennet.ru