> seems to be tagged so by vulnxml, but all this CVE are addressed and > fixed by 2.4.54 (https://downloads.apache.org/httpd/CHANGES_2.4.54) > >>>> % pkg audit -F >>>> vulnxml file up-to-date >>>> apache24-2.4.54 is vulnerable: >>>> [snip] >> >> vuln-2022.xml: >> <affects> >> <package> >> <name>apache24</name> >> <range><lt>2.5.54</lt></range> <------- 2.4.54 ??? >> </package> ~~~~~~ >> </affects>
Thank you for reply. vulnxml was fixed by 0bb1abdb20498df239e15e7f9e9eec33e2eec499. -- Masachika ISHIZUKA
