HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. References: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2024-24795 https://svn.apache.org/viewvc?view=revision&revision=1916769
Created httpd tracking bugs for this issue: Affects: fedora-all [bug 2273500]
As I am unable to view any of 2273504, 2273506, 2273507, 2273505, or 2273509, can someone please tell me what the potential ETA is for this vulnerability being patched, please?