These patches were merged 9 days ago, but the updated package hasn't made
its way into stable yet. The exploits are rated moderate to high. Is there
anything preventing the updated package from being built? Can anything be
done to help speed the process up?
CVSROOT: /cvs
> Module name: ports
> Changes by: giovanni@cvs.openbsd.org 2021/09/16 15:18:10
>
> Modified files:
> www/apache-httpd: Makefile distinfo
> www/apache-httpd/patches: patch-modules_ssl_ssl_engine_init_c
> Removed files:
> www/apache-httpd/patches: patch-modules_md_md_crypt_c
>
> Log message:
> Update to 2.4.49
> fixes CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-39275
> and CVE-2021-40438.
> Full changelog at https://downloads.apache.org/httpd/CHANGES_2.4.49
>
No comments:
Post a Comment