Hi
Yes, we're also seeing some different behaviour since the update to 2.4.64
To us, it seems like an incomplete fix that has unwanted side effects.
This is the patch for CVE-2025-23048 ->
https://github.com/apache/httpd/commit/c4cfa50c9068e8b8134c530ab21674e77d1278a2
How to reproduce:
Simple
On Fri, 11 Jul 2025, Pavel Matěja wrote:
Hi,
I've just updated Apache to the 2.4.64 version and it's kind of strange.
I used to got proper response from Apache with multiple virtual hosts.
When I tested using
openssl s_client -connect A.B.C.D:443 -crlf -noservername
after upgrade I got:
421 Mi
Hi,
I've just updated Apache to the 2.4.64 version and it's kind of strange.
I used to got proper response from Apache with multiple virtual hosts.
When I tested using
openssl s_client -connect A.B.C.D:443 -crlf -noservername
after upgrade I got:
421 Misdirected Request
"The client needs a new
