Endpoint Vulnerability

Apache Httpd - low:mod_lua multiple 'Require' directive handling is broken(CVE-2014-8109)

Description

Fix handling of the Require line in mod_lau when a LuaAuthzProvider is used in multiple Require directives with different arguments. This could lead to different authentication rules than expected.

Affected Products

Apache Httpd

References

CVE-2014-8109,