These are just the fixes/regressions noted in CHANGES:
Changes with Apache 2.4.27
*) mod_lua: Improve compatibility with Lua 5.1, 5.2 and 5.3.
PR58188, PR60831, PR61245. [Rainer Jung]
*) mod_http2: disable and give warning when mpm_prefork is encountered. The
server will
continue to work, but HTTP/2 will no longer be negotiated. [Stefan Eissing]
*) Allow single-char field names inadvertantly disallowed in 2.4.25.
PR 61220. [Yann Ylavic]
*) htpasswd / htdigest: Do not apply the strict permissions of the temporary
passwd file to a possibly existing passwd file. PR 61240. [Ruediger Pluem]
*) mod_proxy_fcgi: Revert to 2.4.20 FCGI behavior for the default
ProxyFCGIBackendType, fixing a regression with PHP-FPM. PR 61202.
[Jacob Champion, Jim Jagielski]
*) core: Avoid duplicate HEAD in Allow header.
This is a regression in 2.4.24 (unreleased), 2.4.25 and 2.4.26.
PR 61207. [Christophe Jaillet]
> On Jul 3, 2017, at 1:39 PM, Christian Folini <[email protected]>
> wrote:
>
> On Mon, Jul 03, 2017 at 07:33:01AM -0400, Jim Jagielski wrote:
>> Anyone opposed to a quick T&R and release of 2.4.27 within
>> the next week?
>
> Will this be a release primarily addressing the open fast cgi regression
> or are the additional security concerns with 2.4.26?
>
> A quick note would help with the holiday schedule.
>
> Regards,
>
> Christian Folini
>
> --
> Christian Folini - <[email protected]>
