Bug#920235: Reading from /dev/urandom hangs from an Apache2 cgi-bin, but not from the shell

Package: apache2 Version: 2.4.25-3+deb9u6 OS details: Debian GNU/Linux 9 (stretch) Linux debian 4.18.16-x86_64-linode118 #1 SMP PREEMPT Mon Oct 29 15:38:25 UTC 2018 x86_64 GNU/Linux Apache details: Server version: Apache/2.4.25 (Debian) Server built: 2018-11-03T18:46:19 Steps to reproduce:

Bug#920220: apache2: CVE-2019-0190: mod_ssl 2.4.37 remote DoS when used with OpenSSL 1.1.1

Source: apache2 Version: 2.4.37-1 Severity: grave Tags: patch security upstream Hi (Stefan), I agree the severity is not the best choosen one for this issue, it is more to ensure we could release buster with an appropriate fix already before the release. If you disagree, please do downgrade. The

Bug#920203: apache2 needs to be upgrade to 2.4.26+ to better interoperability with php-fpm

Package: apache2 Version: 2.4.25-3+deb9u6 Apache's module proxy_fcgi  needs to be upgraded to (at least) 2.4.26 to fix some issues with php-fpm. This is documented on page https://httpd.apache.org/docs/2.4/mod/mod_proxy_fcgi.html in the ProxyFCGIBackendType directive. There are many issues relat