Bug#920220: apache2: CVE-2019-0190: mod_ssl 2.4.37 remote DoS when used with OpenSSL 1.1.1
Le 23/01/2019 à 20:57, Salvatore Bonaccorso a écrit :
> Control: tags -1 + fixed-upstream
> Control: tags -1 - patch
>
> Hi Xavier,
>
> On Wed, Jan 23, 2019 at 09:18:36AM +0100, Xavier wrote:
>> Hello,
>>
>> Debian bug is tagged as "patch", but I didn't find any patch in the
>> related documents. Can you give me the link to patch ?
>
> Well you are right, not a patch per se, maybe fixed-upstream and
> "there is a patch" would have been better. Let me fix that.
>
> If feasible possibly updating to the new upstream version fixing this
> CVE (and two other) would be better if still feasible so short before
> the soft freeze.
>
> Regards,
> Salvatore
Hello,
looking at last release changelog, bug seems not fixed
Reply to: