Assigning to ubuntu-security for triage from their POV. But actually I think this is known and in progress: https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1934.html https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1927.html
** Changed in: apache2 (Ubuntu) Assignee: (unassigned) => Ubuntu Security Team (ubuntu-security) ** Changed in: apache2 (Ubuntu) Status: Confirmed => In Progress -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1870818 Title: apache2 security fix in 2.4.43 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1870818/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs