icing commented on PR #10: URL: https://github.com/apache/httpd-site/pull/10#issuecomment-1759749454
> It also needs to be considered that Ubuntu 22.04 which was used for the test uses httpd 2.4.52 and nghttp2 1.43 (+ whatever patches they have added). Maybe these older versions are still vulnerable? A valid question. I am not sure if the httpd project is able to make security assessments for releases of distros. I certainly do not have the manpower to do those. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@httpd.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
