On 11/5/20 5:39 PM, Joe Orton wrote:
> Hi, I've prepared a candidate release tarball for libapreq2 v2.15 here:
>
> https://dist.apache.org/repos/dist/dev/httpd/libapreq/
>
> This release is mainly to address a security issue in libapreq2 which
> has been outstanding for over a year, CVE-2019-12412.
>
> I would like to call a VOTE over the next few days to release this
> candidate tarball as v2.15:
>
> [X] +1: It's not just good, it's good enough!
> [ ] +0: Let's have a talk.
> [ ] -1: There's trouble in paradise. Here's what's wrong.
>
> SHA1/256/512 checksum for the tarball are as follows:
>
> 2b1a99d9dec34b4e23dc5c63b4f232199f01bb3d libapreq2-2.15.tar.gz
> 4a48afcd88902b5c5039a3992382c448de0108664ddd046f45399709f9c4f494
> libapreq2-2.15.tar.gz
> abdc34f4867ba891966e7296c8110cffaa723f9b966522a1de352bc459e89e5cfc60de25dcd20cf0fa9b7cdf9282719b0276b621af8aa7bb770c89a7fbae4701
> libapreq2-2.15.tar.gz
>
> The release is prepared from:
> https://svn.apache.org/repos/asf/httpd/apreq/branches/v2.15 at r1883146
>
Regards
RĂ¼diger