This was addressed in USN 4458-1: https://usn.ubuntu.com/4458-1
Thanks
** Changed in: apache2 (Ubuntu)
Status: In Progress => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Hello Chris, thanks for contacting us. If you know why your PCI
compliance auditor has flagged these issues as high priorities, it may
be helpful to us to better understand the urgency.
We do intend to address these issues but currently we have other issues
that we believe are more impactful to
As this security issue seems to have not progressed afaik since may, I
wanted to make sure whoever is involved in triaging this know that this
CVE has been considered a high priority for PCI compliancy checks even
though it appears to be marked "Low" by Canonical.
--
You received this bug
Assigning to ubuntu-security for triage from their POV.
But actually I think this is known and in progress:
https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1934.html
https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html
** Changed in: apache2 (Ubuntu)
** Information type changed from Public to Public Security
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1870818
Title:
apache2 security fix in 2.4.43
To manage notifications about this bug go to:
Status changed to 'Confirmed' because the bug affects multiple users.
** Changed in: apache2 (Ubuntu)
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1870818
Title:
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1870818
Title:
apache2 security fix in 2.4.43
To manage notifications about this bug go
