← Back to team overview

enterprise-support team mailing list archive

[Bug 1945274] Re: security updates are breaking mod_wsgi apps

 

Ok so whilst this worked in the past, this was more by chance than by
design since as documented upstream[1]:

 If the first argument ends with a trailing /, the second argument
should also end with a trailing /, and vice versa. Otherwise, the
resulting requests to the backend may miss some needed slashes and do
not deliver the expected results.


As such I don't think this should be considered a regression due to the update in apache2 for CVE-2021-36160.

[1] https://httpd.apache.org/docs/trunk/mod/mod_proxy.html#proxypass


** Changed in: apache2 (Ubuntu)
       Status: New => Invalid

-- 
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to apache2 in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/1945274

Title:
  security updates are breaking mod_wsgi apps

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1945274/+subscriptions



References