Fix for CVE-2021-40438 breaks existing configs
Bug #1945311 reported by
Jean-Louis Dupond
This bug affects 3 people
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apache2 (Ubuntu) |
Fix Released
|
High
|
Marc Deslauriers | ||
Trusty |
Invalid
|
Undecided
|
Unassigned | ||
Xenial |
Fix Released
|
High
|
Leonidas S. Barbosa | ||
Bionic |
Fix Released
|
High
|
Marc Deslauriers | ||
Focal |
Fix Released
|
High
|
Marc Deslauriers | ||
Hirsute |
Fix Released
|
High
|
Marc Deslauriers | ||
Impish |
Fix Released
|
High
|
Marc Deslauriers |
Bug Description
The patches introduced for CVE-2021-40438 break existing configs.
For example on Plesk:
https:/
Upstream pushed some additional fixes for it:
https:/
https:/
In Debian I guess they will be included also according to https:/
So I think it might be good to include those 2 into Ubuntu as well.
CVE References
Changed in apache2 (Ubuntu Bionic): | |
importance: | Undecided → High |
Changed in apache2 (Ubuntu Focal): | |
importance: | Undecided → High |
Changed in apache2 (Ubuntu Hirsute): | |
importance: | Undecided → High |
Changed in apache2 (Ubuntu Impish): | |
importance: | Undecided → High |
Changed in apache2 (Ubuntu Impish): | |
status: | Confirmed → Fix Committed |
Changed in apache2 (Ubuntu Xenial): | |
status: | Confirmed → Fix Released |
Changed in apache2 (Ubuntu Trusty): | |
status: | Confirmed → Invalid |
Changed in apache2 (Ubuntu Xenial): | |
assignee: | nobody → Leonidas S. Barbosa (leosilvab) |
importance: | Undecided → High |
To post a comment you must log in.
Status changed to 'Confirmed' because the bug affects multiple users.