On 09/23, Ran Mozes wrote: > to find out about CVEs you can follow the related links from the NVD site. In > the case of CVE-2021-40438 it led me to > https://src.fedoraproject.org/rpms/httpd#817ac0a9a475f26768e49342e055307368258b74 > there you could dig so more to find information about the > users/commits/contents.
I think Fedora just did a full rebase to the newer version, so there aren't details about the specific CVEs, unless I'm missing something. > > HTH > > > Am 23.09.2021 um 11:45 schrieb Riccardo Schirone <rschi...@redhat.com>: > > > > Hi, > > > > I'm trying to gather more information about CVE-2021-40438, CVE-2021-39275, > > CVE-2021-36160, CVE-2021-34798 that were recently fixed in Apache 2.4.49. > > The > > CHANGES file and the security page on the website just contain very short > > descriptions of the flaws. > > > > I'd like to know what are the specific issues, patches, and files related to > > each flaw, so that I can better understand what is the impact of each of > > these > > flaws. > > > > Thanks in advance for any information, > > -- > > Riccardo Schirone > > Red Hat -- Product Security > > Email: rschi...@redhat.com > > PGP-Key ID: CF96E110 > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > -- Riccardo Schirone Red Hat -- Product Security Email: rschi...@redhat.com PGP-Key ID: CF96E110
signature.asc
Description: PGP signature
