The Apache Software Foundation has released security update for Apache HTTP Server to address security vulnerability (CVE-2024-39884) A remote attacker could exploit this vulnerability to trigger source code disclosure on the targeted system. The issue affects Apache HTTP Server 2.4.60 and prior versions. The vulnerability has been fixed in Apache HTTP Server 2.4.61.

More information on vulnerabilities and update is available in the Apache’s release note – apache.org.