A new software update is available: Apache HTTP Server 2.4.62 released
Apache HTTP Server 2.4.62 released
The Apache Software Foundation and Apache HTTP Server Project have released version 2.4.62 of Apache HTTP Server. This update has fixed a CVE-2024-39884 issue, allowing source code disclosure of local content when files are requested indirectly. Additionally, a SSRF issue in Apache HTTP Server on Windows with mod_rewrite in server/vhost context on Windows has been fixed, potentially allowing NTML hashes to be leaked to malicious servers.