Gentoo Security Advisory GLSA 200403-04 (Apache)

The remote host is missing updates announced in advisory GLSA 200403-04.
Users are urged to upgrade to Apache 2.0.49: # emerge sync # emerge -pv '>=net-www/apache-2.0.49' # emerge '>=net-www/apache-2.0.49' # ** IMPORTANT ** # If you are migrating from Apache 2.0.48-r1 or earlier versions, # it is important that the following directories are removed. # The following commands should cause no data loss since these # are symbolic links. # rm /etc/apache2/lib /etc/apache2/logs /etc/apache2/modules # rm /etc/apache2/extramodules # ** ** ** ** ** # ** ALSO NOTE ** # Users who use mod_disk_cache should edit their Apache # configuration and disable mod_disk_cache.
A memory leak in mod_ssl allows a remote denial of service attack against an SSL-enabled server via plain HTTP requests. Another flaw was found when arbitrary client-supplied strings can be written to the error log, allowing the exploit of certain terminal emulators. A third flaw exists with the mod_disk_cache module.