DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11201>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND INSERTED IN THE BUG DATABASE.
http://nagoya.apache.org/bugzilla/show_bug.cgi?id=11201 Build static mod_rewrite and mod_proxy has proxy vulnerability Summary: Build static mod_rewrite and mod_proxy has proxy vulnerability Product: Apache httpd-1.3 Version: 1.3.26 Platform: All OS/Version: All Status: NEW Severity: Normal Priority: Other Component: Build AssignedTo: [email protected] ReportedBy: [EMAIL PROTECTED] Configure apache with somethong like ./configure --enable-module=proxy --enable-module=rewrite ... results in: httpd -l ... mod_rewrite.c mod_proxy.c ... This is because the default src/Configuration.tmpl contains first mod_rewrite then mod_proxy. When using the proxy features with apache you can't deny the usage with RewriteRules and everyone is able to use this proxy. The Solution is build the server dynamic or change the moduleorder in src/Configuration.tmpl --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
