Bug#530834: CVE-2009-1195: Apache HTTP Server AllowOverride Options Security Bypass
>
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1195
> https://bugzilla.redhat.com/show_bug.cgi?id=489436
>
> Patch: http://svn.apache.org/viewvc?view=rev&revision=772997
If I understood the discussion on httpd-dev correctly, the fix in trunk
svn breaks API compatibility and makes mod_perl FTBFS. But I haven't
looked at redhat's patch, yet.
In any case mod_perl has to be tested when doing a fix.
Reply to: