Bug#1012513: apache2: CVE-2022-31813 CVE-2022-26377 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30522 CVE-2022-30556

To: Yadd <yadd@debian.org>
Cc: 1012513@bugs.debian.org
Subject: Bug#1012513: apache2: CVE-2022-31813 CVE-2022-26377 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30522 CVE-2022-30556
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Wed, 8 Jun 2022 20:45:27 +0200
Message-id: <[🔎] 20220608184527.GA7817@inutil.org>
Reply-to: Moritz Muehlenhoff <jmm@inutil.org>, 1012513@bugs.debian.org
In-reply-to: <[🔎] 2b2-62a0e180-337-7600378@105174481>
References: <[🔎] YqDFHDvM1qHHcAcl@pisco.westfalen.local> <[🔎] 2b2-62a0e180-337-7600378@105174481> <[🔎] YqDFHDvM1qHHcAcl@pisco.westfalen.local>

On Wed, Jun 08, 2022 at 07:51:28PM +0200, Yadd wrote:
> Hi,
> 
> those CVEs are tagged low/moderate by upstream, why did you tag this bug as grave ?

Anything moderate or above should get fixed by the next Debian release IOW RC severity.

Cheers,
        Moritz

Reply to:

References:
- Bug#1012513: apache2: CVE-2022-31813 CVE-2022-26377 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30522 CVE-2022-30556
  - From: Moritz Mühlenhoff <jmm@inutil.org>
- Bug#1012513: apache2: CVE-2022-31813 CVE-2022-26377 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30522 CVE-2022-30556
  - From: "Yadd" <yadd@debian.org>

Prev by Date: Bug#1012513: apache2: CVE-2022-31813 CVE-2022-26377 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30522 CVE-2022-30556
Next by Date: Processed: tagging 1012513, found 1012513 in 2.4.53-2
Previous by thread: Bug#1012513: apache2: CVE-2022-31813 CVE-2022-26377 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30522 CVE-2022-30556
Next by thread: Bug#1012513: marked as done (apache2: CVE-2022-31813 CVE-2022-26377 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30522 CVE-2022-30556)
Index(es):
- Date
- Thread