Date: Fri, 10 Jun 2022 08:51:55 +0900 (JST) From: moto kawasaki <moto@kawasaki3.org> To: ish@amail.plala.or.jp Cc: freebsd-security@freebsd.org Subject: Re: Is apache24-2.4.54 vulnerable ? Message-ID: <20220610.085155.1636577084047793852.moto@kawasaki3.org> In-Reply-To: <20220610.081507.1134393150579572029.ish@amail.plala.or.jp> References: <20220610.081507.1134393150579572029.ish@amail.plala.or.jp>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi ISHIZUKA san, It seems like true for apache24-2.4.53 and prior, and fixed version is ...2.4.54. See also Apache httpd's Security Reports page: https://httpd.apache.org/security/vulnerabilities_24.html Thanks. -- moto kawasaki <moto@kawasaki3.org> on Fri, 10 Jun 2022 08:15:07 +0900 (JST), Masachika ISHIZUKA <ish@amail.plala.or.jp> wrote: > % uname -a > FreeBSD peach.ish.org 13.1-RELEASE FreeBSD 13.1-RELEASE releng/13.1-n250148-fc952ac2212 GENERIC amd64 > % pkg audit -F > vulnxml file up-to-date > apache24-2.4.54 is vulnerable: > Apache httpd -- Multiple vulnerabilities > CVE: CVE-2022-26377 > CVE: CVE-2022-28330 > CVE: CVE-2022-28614 > CVE: CVE-2022-28615 > CVE: CVE-2022-29404 > CVE: CVE-2022-30522 > CVE: CVE-2022-30556 > CVE: CVE-2022-31813 > WWW: https://vuxml.FreeBSD.org/freebsd/49adfbe5-e7d1-11ec-8fbd-d4c9ef517024.html > 1 problem(s) in 1 installed package(s) found. > > Is this report true for apache24-2.4.54 ? > -- > Masachika ISHIZUKA >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20220610.085155.1636577084047793852.moto>