summaryrefslogtreecommitdiff
path: root/debian/apache2.README.Debian
diff options
context:
space:
mode:
Diffstat (limited to 'debian/apache2.README.Debian')
-rw-r--r--debian/apache2.README.Debian11
1 files changed, 11 insertions, 0 deletions
diff --git a/debian/apache2.README.Debian b/debian/apache2.README.Debian
index e4e7f3bc..825c5e38 100644
--- a/debian/apache2.README.Debian
+++ b/debian/apache2.README.Debian
@@ -282,6 +282,17 @@ time and the default suexec mechanism can be picked by using the
update-alternatives(8) system.
+Unicode File Name Normalization
+===============================
+
+Using Apache with the document root on a file system that does unicode
+normalization on the filenames can cause security issues. In Debian,
+this affects ZFS with the non-default option to enable filename normalization,
+and HFS+. It is strongly recommended not to use Apache with such file systems.
+More information about this issue can be found by searching the web for
+CVE-2013-0966.
+
+
Documentation
=============
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-12 15:05:33 +0000