PATCH: "persistent state" directory default/config/API

On Fri, Sep 28, 2018 at 11:22:22AM +0100, Joe Orton wrote: > Example users are the mod_dav_fs lock database, mod_md's MD data store. > With an API & default, these can have hard-coded default paths so the > modules work without needing configuration. The proxy cache root could > count here

Re: CVE-2018-11763: mod_http2, DoS via continuous SETTINGS frames

On 9/25/2018 4:26 PM, Barry Pollard wrote: I'm confused. Why are there no changes to mod_http2 mentioned in: http://www.apache.org/dist//httpd/CHANGES_2.4.35  to presumably address this CVE? Or does one of the other changes