On 09/23, Ran Mozes wrote: > to find out about CVEs you can follow the related links from the NVD site. In the case of CVE-2021-40438 it led me to https://src.fedoraproject.org/rpms/httpd#817ac0a9a475f26768e49342e055307368258b74 > there you could dig so more to find information about the users/commits/contents. I think Fedora just did a full rebase to the newer version, so there aren't details about the specific CVEs, unless I'm missing something. > > HTH > > > Am 23.09.2021 um 11:45 schrieb Riccardo Schirone <rschiron@xxxxxxxxxx>: > > > > Hi, > > > > I'm trying to gather more information about CVE-2021-40438, CVE-2021-39275, > > CVE-2021-36160, CVE-2021-34798 that were recently fixed in Apache 2.4.49. The > > CHANGES file and the security page on the website just contain very short > > descriptions of the flaws. > > > > I'd like to know what are the specific issues, patches, and files related to > > each flaw, so that I can better understand what is the impact of each of these > > flaws. > > > > Thanks in advance for any information, > > -- > > Riccardo Schirone > > Red Hat -- Product Security > > Email: rschiron@xxxxxxxxxx > > PGP-Key ID: CF96E110 > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > -- Riccardo Schirone Red Hat -- Product Security Email: rschiron@xxxxxxxxxx PGP-Key ID: CF96E110
Attachment:
signature.asc
Description: PGP signature
|