On Wed, Mar 08, 2023 at 07:09:20AM +0400, Yadd wrote:
On 3/7/23 23:46, Salvatore Bonaccorso wrote:
Source: apache2
Version: 2.4.55-1
Severity: grave
Tags: security upstream
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>
Hi,
The following vulnerabilities were published for apache2.
CVE-2023-25690[0]:
CVE-2023-27522[1]:
Hi,
here is the debdiff for Bullseye
I'm fine with a DSA, but we've seen a fair amount of regressions in 2.4.x releases,
so let's wait a few days for regressions reported in sid (and Ondreys PHP repo).
You can already upload the new version, though (we can reject/reupload if needed).
Cheers,
Moritz