On Thu, Sep 23, 2021 at 12:41:10PM +0200, Riccardo Schirone wrote: > On 09/23, pgajdos wrote: > > On Thu, Sep 23, 2021 at 11:45:49AM +0200, Riccardo Schirone wrote: > > > I'm trying to gather more information about CVE-2021-40438, > > > CVE-2021-39275, > > > CVE-2021-36160, CVE-2021-34798 that were recently fixed in Apache 2.4.49. > > > The > > > CHANGES file and the security page on the website just contain very short > > > descriptions of the flaws. > > > > > > I'd like to know what are the specific issues, patches, and files related > > > to > > > each flaw, so that I can better understand what is the impact of each of > > > these > > > flaws. > > > > Try to look at SUSE bugs, the information is partly there already. In case I > > am wrong somewhere, let me know. > > Thanks for your reply Petr! Were these confirmed by upstream as well or found > by looking at the SVN history?
In case it was confirmed upstream, it is written in come of comments of the respective bug. Petr -- Have a lot of fun! --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
