Hello, You guys seem to be close to releasing 2.4.30, so this might be too late this time around.
We have just been told, that a regression affecting several production servers is fixed by http://svn.apache.org/viewvc/httpd/httpd/trunk/server/mpm/event/event.c?r1=1822535&r2=1823047&diff_format=h#l1065 It's an interaction between mod_qos, mod_reqtimeout and the event mpm that led to segfault in our case (triggered by aggressive ssl scanners setting off alarms in mod_qos). The qos developers states it's been introduced in 2.4.29 and the above patch fixes httpd's part of the problem. He will issue a new release as well. So if you could backport this for 2.4.30 or a following release, it would be very welcome. Best regards, Christian Folini -- https://www.feistyduck.com/training/modsecurity-training-course https://www.feistyduck.com/books/modsecurity-handbook/ mailto:[email protected] twitter: @ChrFolini
