Date: Thu, 04 Jun 2026 08:16:51 +0000 From: bugzilla-noreply@freebsd.org To: apache@FreeBSD.org Subject: [Bug 295842] www/apache24: Patch CVE-2026-49975 (HTTP2 Bomb DoS) Message-ID: <bug-295842-16115-tEONx0eWGC@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-295842-16115@https.bugs.freebsd.org/bugzilla/>
index | next in thread | previous in thread | raw e-mail
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=295842 Bernard Spil <brnrd@freebsd.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |brnrd@freebsd.org Resolution|--- |FIXED Status|New |Closed --- Comment #2 from Bernard Spil <brnrd@freebsd.org> --- Thanks Dani! People can also use www/mod_http2 as a mitigation, that's already at 2.0.42. With the slew of LLM assisted security findings, it may be wise to pivot to the separate module. Note you have to modify your LoadModule for this to work! -- You are receiving this mail because: You are the assignee for the bug.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-295842-16115-tEONx0eWGC>