Re: apache2 CVE-2018-17199 stretch

To: debian-security@lists.debian.org
Cc: Stefan Fritsch <sf@sfritsch.de>
Subject: Re: apache2 CVE-2018-17199 stretch
From: Bjørn Håkon Noss <nb@noss.cc>
Date: Sat, 23 Mar 2019 12:31:09 +0100
Message-id: <[🔎] CAFMP8smKG18bh=Mjd-KkaMh2kvZ8wJhXq7V3Wf6_3KHwdHsnpQ@mail.gmail.com>
In-reply-to: <[🔎] 1579456.igvMD3jVKU@k>
References: <[🔎] CAFMP8skHR202UB896MAqTNjQmy1Egz+PyBpcUDnbQ-f2TdkeJA@mail.gmail.com> <[🔎] 1579456.igvMD3jVKU@k>

Thanks for the reply Stefan

That makes sense.

/Bjørn Håkon


Den fre. 22. mar. 2019 kl. 21:20 skrev Stefan Fritsch <sf@sfritsch.de>:
>
> On Monday, 18 March 2019 09:19:41 CET Bjørn Håkon Noss wrote:
> > After looking at the Security tracker
> > (https://security-tracker.debian.org/tracker/CVE-2018-17199), I can
> > see that CVE-2018-17199 is fixed in both jessie and buster but not
> > stretch.
> >
> > Do you have any information about if and when it will be fixed in stretch?
> >
> > The bug causes our PCI Compliance to fail.
>
> As this is low severity, we intend to fix this in the next Debian stable point
> release (9.9).
>
> Cheers,
> Stefan
>
>
>
>

Reply to:

References:
- apache2 CVE-2018-17199 stretch
  - From: Bjørn Håkon Noss <nb@noss.cc>
- Re: apache2 CVE-2018-17199 stretch
  - From: Stefan Fritsch <sf@sfritsch.de>

Prev by Date: Re: apache2 CVE-2018-17199 stretch
Next by Date: Upcoming stable point release (9.9)
Previous by thread: Re: apache2 CVE-2018-17199 stretch
Next by thread: Upcoming stable point release (9.9)
Index(es):
- Date
- Thread