Hi, The PTS reports there is a CVE open for Cherokee (CVE-2009-4587). This bug, however, seems to affect only Windows installs. FWIW there is even a note on the CVE report¹ stating it is a lack of validation bug, but I understand it cannot be used to crash the server in Debian.
Anyway, I have not dealt with CVE reports against my packages before, and don't know how to close this report. Thanks, ¹ http://security-tracker.debian.org/tracker/CVE-2009-4587 -- Gunnar Wolf • [email protected] • (+52-55)5623-0154 / 1451-2244 -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
