Re: Three Apache2 vulnerabilities

2023-02-02 Thread Sylvain Beucler
Hello Marc,

One LTS contributor (Lee) claimed the package a few days ago, so an update is underway. Apache2 for LTS has multiple sponsors, so it has good priority within the work queue.

As for bullseye, an update is planned for the next point release: https://bugs.debian.org/cgi-bin/bugrepo

Three Apache2 vulnerabilities

2023-02-02 Thread Marc SCHAEFER
Hello,

CERT-FR considers three new Apache2 vulnerabilities to be of concern [1]. These are:

CVE-2022-37436 [2]
CVE-2022-36760 [3]
CVE-2006-20001 [4]

The first one will modify how clients may apply some security headers if a malicious backend triggers this bug (some headers will be in the respon