Hi Kazuhiko,
This change was in response to CVE-2019-10092.
People who aren't upgrading httpd for some reason should still remove the
path information from the error pages to prevent XSS.
- Y
On Thu, Jan 30, 2020 at 4:05 AM kohmoto wrote:
> Hi,
>
> I have learned small changes in httpd would
Hi,
I have learned small changes in httpd would cause to expose
version information even we hide it though settings.
The article indicating this realities is in the follow link.
https://blog.eg-secure.co.jp/?m=1
This article is written in Japanese. Please apologize this
convenience, but
