> So after upgrading against the Range header vulnerability, I find that > apache-2.2.20 seems to litter /etc/apache2 with standard configuration > files, while I don't remember anything at least in 2.2.1x range doing that.
Same thing happend to me, but it seems this new config files are not included per default. I am not really sure what to make of this. Which file should I edit from now on? All files seem to be valid, there are no ophans in my apache2 directory (excluding my froxlor and ssl config) # find /etc/apache2/ -type f -print0 | xargs -0 qfile -o | egrep -v "froxlor|ssl" # And if you google for "gentoo apache 2.2.20" guess what you'll find? Yeah, that right, this Thread! :)