Hi Moritz, On Fri, May 02, 2025 at 02:13:01PM +0200, Moritz Schlarb wrote: > Hi carnil, > > On Thu, 2025-05-01 at 09:18 +0200, Salvatore Bonaccorso wrote: > > The only reference so far we have is the RedHat bugzilla entry at [1], > > do you know more, is it reported upstream and have other references to > > follow? > > Upstream had not even been informed about this vulnerability, nor registered > the CVE. > Also, we both tried to reproduce the bug in question but could not trigger a > crash of the Apache httpd process...
Okay that's bad. Let's ask in the RedHat bugzilla then if they can share more information. Do you have a RH bugzilla account to subscribe to the bug as well? Otherwise I will try to relay new information. Regards, Salvatore
