update for apache2
- specially crafted requests could bypass RewriteRule and ProxyPassMatch
- new template file: /etc/apache2/vhosts.d/vhost-ssl.template
allow TLSv1 only, browser match stuff commented out.
- rc script /etc/init.d/apache2: handle reload with deleted binaries
by message to stdout only, but refrain from sending signals.
-
Submitted by
Ludwig Nussel (lnussel)
Fixed bugs
bnc#722545
VUL-1: CVE-2011-3368: apache2: mod_proxy reverse proxy exposure
CVE#CVE-2011-4317
The mod_proxy module in the Apache HTTP Server 1.3.x through 1.3.42, 2.0.x through 2.0.64, and 2.2.x through 2.2.21, when the Revision 1179239 patch is in place, does not properly interact with use of (1) RewriteRule and (2) ProxyPassMatch pattern matches
