I read about this vulnerability in the 2015-04-06-apache-addhandler-addtype Gentoo news item. I don't think I'm using any functionality that could expose me to the problem but I'd like to be able to say so for sure. Does the fact that I'm up-to-date with GLSAs, I don't have PHP5 in APACHE2_OPTS (I use php-fpm), along with the following (which I think is default) indicate that I'm not vulnerable?
# grep AddHandler -R /etc/apache2 /etc/apache2/modules.d/70_mod_php5.conf: AddHandler application/x-httpd-php .php .php5 .phtml /etc/apache2/modules.d/70_mod_php5.conf: AddHandler application/x-httpd-php-source .phps /etc/apache2/modules.d/00_mod_mime.conf:# AddHandler allows you to map certain file extensions to "handlers": /etc/apache2/modules.d/00_mod_mime.conf:#AddHandler cgi-script .cgi /etc/apache2/modules.d/00_mod_mime.conf:#AddHandler type-map var /etc/apache2/modules.d/00_error_documents.conf: AddHandler type-map var # grep AddType -R /etc/apache2 /etc/apache2/modules.d/40_mod_ssl.conf: AddType application/x-x509-ca-cert .crt /etc/apache2/modules.d/40_mod_ssl.conf: AddType application/x-pkcs7-crl .crl /etc/apache2/modules.d/00_mod_mime.conf:# AddType allows you to add to or override the MIME configuration /etc/apache2/modules.d/00_mod_mime.conf:#AddType application/x-gzip .tgz /etc/apache2/modules.d/00_mod_mime.conf:AddType application/x-compress .Z /etc/apache2/modules.d/00_mod_mime.conf:AddType application/x-gzip .gz .tgz /etc/apache2/modules.d/00_mod_mime.conf:#AddType text/html .shtml - Grant
