[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#920220: apache2: CVE-2019-0190: mod_ssl 2.4.37 remote DoS when used with OpenSSL 1.1.1

Control: tags -1 + fixed-upstream
Control: tags -1 - patch

Hi Xavier,

On Wed, Jan 23, 2019 at 09:18:36AM +0100, Xavier wrote:
> Hello,
> 
> Debian bug is tagged as "patch", but I didn't find any patch in the
> related documents. Can you give me the link to patch ?

Well you are right, not a patch per se, maybe fixed-upstream and
"there is a patch" would have been better. Let me fix that.

If feasible possibly updating to the new upstream version fixing this
CVE (and two other) would be better if still feasible so short before
the soft freeze.

Regards,
Salvatore
Reply to: