[Git][security-tracker-team/security-tracker][master] Add notes for apache2

Sun Aug 30 22:08:25 BST 2020


Utkarsh Gupta pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fd45a565 by Utkarsh Gupta at 2020-08-31T02:38:17+05:30
Add notes for apache2

Thanks to Xavier (yadd) for clarification of work needed!

- - - - -


1 changed file:

- data/dla-needed.txt


Changes:

=====================================
data/dla-needed.txt
=====================================
@@ -24,6 +24,9 @@ ansible
 apache2
   NOTE: 20200808: Seems affected by CVE-2020-9490, CVE-2020-11993 (abhijith)
   NOTE: 20200817: Too intrusive. Re-visit back later -> experimenting fixes for ELTS. (utkarsh)
+  NOTE: 20200831: sadly, the fix for http2 features requires whole modules/http2 backport.
+  NOTE: 20200831: for other things, we might need to import CVE-20{19,20}-* files from
+  NOTE: 20200831: buster-security branch (from yadd) (utkarsh)
 --
 ark (Abhijith PA)
   NOTE: 20200731: given PoC not working as intended. (abhijith)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd45a565f46d7ea2a799f2c293c9450ef100dd29

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd45a565f46d7ea2a799f2c293c9450ef100dd29
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200830/329d5163/attachment.html>
