SSL/TLS-enabled configurations of Apache HTTP Server with OpenSSL 1.0.1 through 1.0.1f are vulnerable to CVE-2014-0160, the so called “Heartbleed Bug.” (OpenSSL versions smaller than 1.0.1, such as 0.9.8 and 1.0.0, are safe.)
No Apache HTTP Server fix …
Glibc backtrace() returns nothing without building the caller with -funwind-tables (or one of several related options); httpd, libapr, etc. all need similar for any real use of mod_backtrace. This is of course all related to the calling convention on ARM. (But casual use of gdb on plain builds of httpd …
Recently I had to debug a mod_rewrite snippet that tried to convert URLs to lower case for a site on a shared host with no access to .conf files. The normal mod_rewrite solution requires the RewriteMap directive, which can’t be placed in .htaccess.
The problematic mod_rewrite snippet was definitely …