These patches were merged 9 days ago, but the updated package hasn't made its way into stable yet. The exploits are rated moderate to high. Is there anything preventing the updated package from being built? Can anything be done to help speed the process up?
CVSROOT: /cvs > Module name: ports > Changes by: [email protected] 2021/09/16 15:18:10 > > Modified files: > www/apache-httpd: Makefile distinfo > www/apache-httpd/patches: patch-modules_ssl_ssl_engine_init_c > Removed files: > www/apache-httpd/patches: patch-modules_md_md_crypt_c > > Log message: > Update to 2.4.49 > fixes CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-39275 > and CVE-2021-40438. > Full changelog at https://downloads.apache.org/httpd/CHANGES_2.4.49 >
