This is an unsupported use-case of Apache httpd and I am pretty sure it
won't be changed upstream. And I don't think Ubuntu or Debian should
deviate from that, see http://seclists.org/oss-sec/2011/q3/111
** Changed in: apache2 (Ubuntu)
Status: New = Invalid
--
You received this bug
** Tags added: server
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/811428
Title:
Apache does not honor -FollowSymlinks due to TOCTOU, which allows
access to /proc/pid/ files
** This bug has been flagged as a security vulnerability
** Changed in: apache2 (Ubuntu)
Importance: Undecided = High
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to apache2 in Ubuntu.
https://bugs.launchpad.net/bugs/811428
Title:
