*** This bug is a security vulnerability ***
Public security bug reported:
Binary package hint: apache2.2-common
I upgraded my server to Ubuntu 8.04 LTS from 6.06 LTS and started to see
strange problems with my Wordpress installation, specifically when
requesting the feed I'd get some comment feed instead. I believe this
was caused by mod_disk_cache being enabled globally by default.
>From disk_cache.conf:
CacheEnable disk /
>From the mod_cache documentation:
This module should be used with care and can be used to circumvent Allow and
Deny directives. You should not enable caching for any content to which you
wish to limit access by client host name, address or environment variable.
Having this module enabled by default and configured to enable caching
for all URLs compromises the security of canonical's customers and
ubuntu's users and can produce the undesired effects I mentioned above.
** Affects: apache2 (Ubuntu)
Importance: Undecided
Status: New
** Visibility changed to: Public
--
mod_disk_cache enabled globally by default
https://bugs.launchpad.net/bugs/219914
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in ubuntu.
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
