All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
DoS CVE in Apache2 - advise to patch
Hi guys,
An older CVE was republished recently regarding the ProxyPass module in Apache. It's got quite a high rating from NIST, advise is to patch as soon as possible. I was using a forward proxy with another provider here which was also still vulnerable with this, so i decided to also post it here.
These we're reported already in December 2021, but just only recently patches are surfacing for some OS/package managers.
READ CAREFULLY: This is only occurring to forward proxys, reverse proxies are unaffected.
To read the full report: https://nakedsecurity.sophos.com/2021/12/21/apaches-other-product-critical-bugs-in-httpd-web-server-patch-now/
- https://access.redhat.com/security/cve/cve-2021-44790
- https://nvd.nist.gov/vuln/detail/CVE-2021-44790
UPDATE: This is only applicable if you run mod_lua and with forward proxies. Could still be useful for some providers/peeps out here.
