On Thu, Nov 5, 2020 at 11:40 AM Joe Orton <jor...@redhat.com> wrote: > > Hi, I've prepared a candidate release tarball for libapreq2 v2.15 here: > > https://dist.apache.org/repos/dist/dev/httpd/libapreq/ > > This release is mainly to address a security issue in libapreq2 which > has been outstanding for over a year, CVE-2019-12412. > > I would like to call a VOTE over the next few days to release this > candidate tarball as v2.15: > > [ ] +1: It's not just good, it's good enough! > [ ] +0: Let's have a talk. > [ ] -1: There's trouble in paradise. Here's what's wrong. > > SHA1/256/512 checksum for the tarball are as follows: > > 2b1a99d9dec34b4e23dc5c63b4f232199f01bb3d libapreq2-2.15.tar.gz > 4a48afcd88902b5c5039a3992382c448de0108664ddd046f45399709f9c4f494 > libapreq2-2.15.tar.gz > abdc34f4867ba891966e7296c8110cffaa723f9b966522a1de352bc459e89e5cfc60de25dcd20cf0fa9b7cdf9282719b0276b621af8aa7bb770c89a7fbae4701 > libapreq2-2.15.tar.gz > > The release is prepared from: > https://svn.apache.org/repos/asf/httpd/apreq/branches/v2.15 at r1883146 > > Regards, Joe
+1 based on diff to 2.13