Apache HTTP Server

Bug report for Apache httpd-2 [2021/06/13] by Bugzilla from bugzil...

by Bugzilla from bugzil...

Running on Win 10 by Michael-3

by Michael-3

Fixed: apache/httpd#1692 (trunk - 121e0a7) by Travis CI-2

by Travis CI-2

Broken: apache/httpd#1691 (trunk - 06a3e22) by Travis CI-2

by Travis CI-2

Re: svn commit: r1890693 - in /httpd/httpd/trunk: changes-entries/ssl_alpn_outgoing.txt modules/ssl/ssl_engine_io.c by Yann Ylavic

by Stefan Eissing

Generate UUIDv4 by Henson, Robert (GE C...

by Eric Covener

Struggling with "decryption failed or bad record mac" error by Piemonti, Matteo

by Piemonti, Matteo

alpn in proxy connections by Stefan Eissing

by Stefan Eissing

[Bug 65370] New: "not Websocket" loglevel too low or wrong response code by Bugzilla from bugzil...

by Bugzilla from bugzil...

APLN negotiation and TLS cross-protocols attack by Stefan Eissing

by Stefan Eissing

Re: svn commit: r1890598 - in /httpd/site/trunk/content/security/json: CVE-2019-17567.json CVE-2020-13938.json CVE-2020-13950.json CVE-2020-35452.json CVE-2021-26690.json CVE-2021-26691.json CVE-2021-30641.json CVE-2021-31618.json by Christophe JAILLET

by Stefan Eissing

CVE-2021-31618: NULL pointer dereference on specially crafted HTTP/2 request by Christophe Jaillet-2

by Christophe Jaillet-2

CVE-2021-26691: mod_session response handling heap overflow by Christophe Jaillet-2

by Christophe Jaillet-2

CVE-2021-30641: Unexpected URL matching with 'MergeSlashes OFF' by Christophe Jaillet-2

by Christophe Jaillet-2

CVE-2021-26690: mod_session NULL pointer dereference by Christophe Jaillet-2

by Christophe Jaillet-2

CVE-2020-35452: mod_auth_digest possible stack overflow by one nul byte by Christophe Jaillet-2

by Christophe Jaillet-2

CVE-2020-13950: mod_proxy_http NULL pointer dereference by Christophe Jaillet-2

by Christophe Jaillet-2

CVE-2020-13938: Improper Handling of Insufficient Privileges by Christophe Jaillet-2

by Christophe Jaillet-2

CVE-2019-17567: mod_proxy_wstunnel tunneling of non Upgraded connections by Christophe Jaillet-2

by Christophe Jaillet-2

[Bug 65361] New: 101 Switching Protocols - custom headers are not set by Bugzilla from bugzil...

by Bugzilla from bugzil...

[Bug 61820] New: 304 headers stripped by Bugzilla from bugzil...

by Bugzilla from bugzil...

[Bug 63391] New: Provide ability to log key material for session decryption by Bugzilla from bugzil...

by Bugzilla from bugzil...

404 error by Beard, Shawn

by Beard, Shawn

Question about source code comment by Nikita Popov

by Nikita Popov

Newer Apache does not offer TLS cipher with TLSv1 anymore by hildegard meier

by hildegard meier

[Bug 65360] New: DefaultRuntimeDir error, 500 by Bugzilla from bugzil...

by Bugzilla from bugzil...

Misbehaving CustomLog logger causing local denial-of-service, intended behaviour? by Olli Pasanen

by Olli Pasanen

Problem with Proxypass by Carlos Castro

by Carlos Castro

vulnerabilities page vs change log by Steffen Land

by Christophe JAILLET

Bug report for Apache httpd-2 [2021/06/06] by Bugzilla from bugzil...

by Bugzilla from bugzil...

Bug report for Apache httpd-2 [2021/06/06] by Bugzilla from bugzil...

by Bugzilla from bugzil...

Fixed: apache/httpd#1680 (2.4.x - 80a8f3b) by Travis CI-2

by Travis CI-2

Fixed: apache/httpd#1679 (2.4.x - 44beea7) by Travis CI-2

by Travis CI-2

Passed: apache/httpd#1678 (trunk - f475ae9) by Travis CI-2

by Travis CI-2