The Apache httpd project reports:
isource code disclosure with handlers configured via AddType
(CVE-2024-39884) (Important). A regression in the core of Apache HTTP
Server 2.4.60 ignores some use of the legacy content-type based
configuration of handlers. “AddType” and similar configuration,
under some circumstances where files are requested indirectly, result
in source code disclosure of local content. For example, PHP scripts
may be served instead of interpreted.