Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 544582

Summary: www-servers/apache ships 00_mod_mime.conf, advertising insecure AddHandler directive without mentioning security
Product: Gentoo Linux Reporter: Sebastian Pipping <sping>
Component: Current packagesAssignee: Apache Team - Bugzilla Reports <apache-bugs>
Status: CONFIRMED ---    
Severity: normal    
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on:    
Bug Blocks: 544560    

Description Sebastian Pipping gentoo-dev 2015-03-26 18:20:24 UTC 
# fgrep -R AddHandler /etc/
/etc/apache2/modules.d/00_error_documents.conf: AddHandler type-map var
/etc/apache2/modules.d/00_mod_mime.conf:# AddHandler allows you to map certain file extensions to "handlers":
/etc/apache2/modules.d/00_mod_mime.conf:#AddHandler cgi-script .cgi
/etc/apache2/modules.d/00_mod_mime.conf:#AddHandler type-map var

Please see bug #538822 for why that is a problem and for a prosed fix.

Thanks!
Comment 1 Sebastian Pipping gentoo-dev 2015-03-26 18:21:24 UTC 
-prosed +proposed