On 09/23, pgajdos wrote: > On Thu, Sep 23, 2021 at 11:45:49AM +0200, Riccardo Schirone wrote: > > I'm trying to gather more information about CVE-2021-40438, CVE-2021-39275, > > CVE-2021-36160, CVE-2021-34798 that were recently fixed in Apache 2.4.49. > > The > > CHANGES file and the security page on the website just contain very short > > descriptions of the flaws. > > > > I'd like to know what are the specific issues, patches, and files related to > > each flaw, so that I can better understand what is the impact of each of > > these > > flaws. > > Try to look at SUSE bugs, the information is partly there already. In case I > am wrong somewhere, let me know.
Thanks for your reply Petr! Were these confirmed by upstream as well or found by looking at the SVN history? > > Thanks, > Petr > > -- > Have a lot of fun! > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > -- Riccardo Schirone Red Hat -- Product Security Email: rschi...@redhat.com PGP-Key ID: CF96E110
signature.asc
Description: PGP signature
