Bug#920220: apache2: CVE-2019-0190: mod_ssl 2.4.37 remote DoS when used with OpenSSL 1.1.1

2019-01-23 Thread Salvatore Bonaccorso
Hi Xavier, On Wed, Jan 23, 2019 at 09:54:29PM +0100, Xavier wrote: > On 23/01/2019 at 21:50, Salvatore Bonaccorso wrote: > > Hi Xavier, > > > > On Wed, Jan 23, 2019 at 09:46:44PM +0100, Xavier wrote: > >> On 23/01/2019 at 20:57, Salvatore Bonaccorso wrote: > >>> Control: tags -1 + fixed-upstr

Bug#920220: apache2: CVE-2019-0190: mod_ssl 2.4.37 remote DoS when used with OpenSSL 1.1.1

2019-01-23 Thread Xavier
On 23/01/2019 at 21:50, Salvatore Bonaccorso wrote: > Hi Xavier, > > On Wed, Jan 23, 2019 at 09:46:44PM +0100, Xavier wrote: >> On 23/01/2019 at 20:57, Salvatore Bonaccorso wrote: >>> Control: tags -1 + fixed-upstream >>> Control: tags -1 - patch >>> >>> Hi Xavier, >>> >>> On Wed, Jan 23, 2019

Bug#920220: apache2: CVE-2019-0190: mod_ssl 2.4.37 remote DoS when used with OpenSSL 1.1.1

2019-01-23 Thread Salvatore Bonaccorso
Hi Xavier, On Wed, Jan 23, 2019 at 09:46:44PM +0100, Xavier wrote: > On 23/01/2019 at 20:57, Salvatore Bonaccorso wrote: > > Control: tags -1 + fixed-upstream > > Control: tags -1 - patch > > > > Hi Xavier, > > > > On Wed, Jan 23, 2019 at 09:18:36AM +0100, Xavier wrote: > >> Hello, > >> > >> D

Bug#920220: apache2: CVE-2019-0190: mod_ssl 2.4.37 remote DoS when used with OpenSSL 1.1.1

2019-01-23 Thread Xavier
On 23/01/2019 at 20:57, Salvatore Bonaccorso wrote: > Control: tags -1 + fixed-upstream > Control: tags -1 - patch > > Hi Xavier, > > On Wed, Jan 23, 2019 at 09:18:36AM +0100, Xavier wrote: >> Hello, >> >> Debian bug is tagged as "patch", but I didn't find any patch in the >> related documents.

Bug#920303: apache2: CVE-2018-17199: mod_session_cookie does not respect expiry time

2019-01-23 Thread Salvatore Bonaccorso
Source: apache2 Version: 2.4.37-1 Severity: important Tags: security upstream fixed-upstream Control: found -1 2.4.25-3+deb9u6 Control: found -1 2.4.25-3 Hi, The following vulnerability was published for apache2. CVE-2018-17199[0]: mod_session_cookie does not respect expiry time If you fix the

Processed: apache2: CVE-2018-17199: mod_session_cookie does not respect expiry time

2019-01-23 Thread Debian Bug Tracking System
Processing control commands: > found -1 2.4.25-3+deb9u6 Bug #920303 [src:apache2] apache2: CVE-2018-17199: mod_session_cookie does not respect expiry time Marked as found in versions apache2/2.4.25-3+deb9u6. > found -1 2.4.25-3 Bug #920303 [src:apache2] apache2: CVE-2018-17199: mod_session_cookie

Processed: apache2: CVE-2018-17189: mod_http2, DoS via slow, unneeded request bodies

2019-01-23 Thread Debian Bug Tracking System
Processing control commands: > found -1 2.4.25-3+deb9u6 Bug #920302 [src:apache2] apache2: CVE-2018-17189: mod_http2, DoS via slow, unneeded request bodies Marked as found in versions apache2/2.4.25-3+deb9u6. > found -1 2.4.25-3 Bug #920302 [src:apache2] apache2: CVE-2018-17189: mod_http2, DoS vi

Bug#920302: apache2: CVE-2018-17189: mod_http2, DoS via slow, unneeded request bodies

2019-01-23 Thread Salvatore Bonaccorso
Source: apache2 Version: 2.4.37-1 Severity: important Tags: security upstream fixed-upstream Control: found -1 2.4.25-3+deb9u6 Control: found -1 2.4.25-3 Hi, The following vulnerability was published for apache2. CVE-2018-17189[0]: mod_http2, DoS via slow, unneeded request bodies If you fix the

Bug#920220: apache2: CVE-2019-0190: mod_ssl 2.4.37 remote DoS when used with OpenSSL 1.1.1

2019-01-23 Thread Salvatore Bonaccorso
Control: tags -1 + fixed-upstream Control: tags -1 - patch Hi Xavier, On Wed, Jan 23, 2019 at 09:18:36AM +0100, Xavier wrote: > Hello, > > Debian bug is tagged as "patch", but I didn't find any patch in the > related documents. Can you give me the link to patch? Well you are right, not a patch

Processed: Re: Bug#920220: apache2: CVE-2019-0190: mod_ssl 2.4.37 remote DoS when used with OpenSSL 1.1.1

2019-01-23 Thread Debian Bug Tracking System
Processing control commands: > tags -1 + fixed-upstream Bug #920220 [src:apache2] apache2: CVE-2019-0190: mod_ssl 2.4.37 remote DoS when used with OpenSSL 1.1.1 Added tag(s) fixed-upstream. > tags -1 - patch Bug #920220 [src:apache2] apache2: CVE-2019-0190: mod_ssl 2.4.37 remote DoS when used wi

Bug#902493: apache2-bin: Event MPM listener thread may get blocked by SSL shutdowns

2019-01-23 Thread Gedalya
I've had seemingly the same issue. After several weeks of running a backported apache2 2.4.37-1 the issues are gone. Previously it was happening several times every day, with the outage lasting sometimes 10 minutes or so. This was very difficult to troubleshoot, as nothing is logged, and it was

Bug#920220: apache2: CVE-2019-0190: mod_ssl 2.4.37 remote DoS when used with OpenSSL 1.1.1

2019-01-23 Thread Xavier
Hello, Debian bug is tagged as "patch", but I didn't find any patch in the related documents. Can you give me the link to patch? Cheers, Xavier On 22/01/2019 at 21:18, Salvatore Bonaccorso wrote: > Source: apache2 > Version: 2.4.37-1 > Severity: grave > Tags: patch security upstream > > Hi (