Available The release of http server = “https: //httpd.apache .org/”> apache 2.4.62 , in which two vulnerability and 6 Changes . first vulnerability (CVE-2024-40898) allows you to attack
second vulnerability (CVE-2024-40725) Allows you to see the scripting code , the processing of which is configured using the Addtype directive. For example, you can form a specially executed request to the PHP script, which will lead to the show of its contents, and not execution. Correction blocks an additional option of operating vulnerabilities CVE-2024-39884, eliminated version 2.4.61.
Of the safety of changes, adding to
mod_ssL Opportunities for loading certificates and storage keys supporting the standard pkcs11 .
In accordance with June report Netcraft under the control of HTTP server Apache About 212 million sites ( a year ago 228 million). The share of Apache HTTPD is estimated at 19.28%of all sites, which corresponds to the second place in popularity in this category (the share of nginx – 21.35%, Cloudflare – 11.05%, OpenResty (platform based on Nginx and Luajit) – 0.79%).
When considering only active sites, Apache takes first place in the ranking with a share of 19.13% (the share of nginx –
18.09%, Cloudflare – 14.80%, Google – 10.01%). Among the million of the most visited sites in the world, Apache is in third place with a share of 19.69% (lead Cloudflare – 23.10% and Nginx – 20.50%).