This bug was fixed in the package apache2 - 2.4.52-1ubuntu4.14
---------------
apache2 (2.4.52-1ubuntu4.14) jammy-security; urgency=medium
* SECURITY REGRESSION: Better question mark tracking
- debian/patches/CVE-2024-38474-regression.patch: improve
previous patch allowing to avoid [UnsafeAllow3F] for most
cases in modules/mappers/mod_rewrite.c (LP: #2103723).
-- Leonidas Da Silva Barbosa <leo.barb...@canonical.com> Thu, 03 Apr
2025 06:05:48 -0300
** Changed in: apache2 (Ubuntu Focal)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to apache2 in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/2103723
Title:
Fix for CVE-2024-38474 also blocks %3f in appended query strings
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/2103723/+subscriptions
--
Mailing list: https://launchpad.net/~enterprise-support
Post to : enterprise-support@lists.launchpad.net
Unsubscribe : https://launchpad.net/~enterprise-support
More help : https://help.launchpad.net/ListHelp
