This vulnerability notification has been updated on December 15 2021 to include a second issue discovered by Apache, which rendered some of the previous remediation strategies to be incomplete.
This page is out of date. Please proceed to the newest update page: