Alert: The Apache Software Foundation has released Apache HTTP Server version 2.4.39 to address multiple vulnerabilities.
- mod_auth_digest access control bypass (CVE-2019-0217)
- mod_ssl access control bypass (CVE-2019-0215)
- mod_http2, possible crash on late upgrade (CVE-2019-0197)
CVE-2019-0211 bring to my attention. For the synopsis of this matter, please refer to attached diagram.
Remedy: The Apache Software Foundation has released Apache HTTP Server version 2.4.39 to address multiple vulnerabilities. See the URL for more information.