Time Nick Message 00:15 koha-jenkins Project Koha_21.11_D12 build #3: SUCCESS in 1 hr 0 min: https://jenkins.koha-community.org/job/Koha_21.11_D12/3/ 00:24 koha-jenkins Project Koha_21.11_D10 build #4: STILL UNSTABLE in 1 hr 9 min: https://jenkins.koha-community.org/job/Koha_21.11_D10/4/ 15:07 schnyd test 15:14 eugene_ has anyone tried using newer version of apache2 other than what is given in sources? in debian 10, apache version is 2.4.38 15:16 eugene_ Please see: https://httpd.apache.org/security/vulnerabilities_24.html 15:19 tuxayo eugene_: "other than what is given in sources" you mean the Debian 10 repos? 15:19 tuxayo https://tracker.debian.org/pkg/apache2 15:20 tuxayo oldstable: 2.4.38-3+deb10u5 15:20 tuxayo https://metadata.ftp-master.debian.org/changelogs//main/a/apache2/apache2_2.4.38-3+deb10u6_changelog 15:21 tuxayo Even though it's 2.4.38, the deb10u5 seems to be about the security patches that are backported by Debian packagers 15:24 eugene_ hmm so it is safe to say that 2.4.38 has the patch for the vulnerabilities I previously sent? 15:26 tuxayo as for your question about using a newer version, in the environments running automated tests for Koha, on is using Debian 11 and apache 2.4.51 so Koha it should work on the latest apache 15:27 tuxayo > has the patch for the vulnerabilities I previously sent? 15:27 tuxayo I wouldn't worry about Debian. 15:29 eugene_ okay got this. thanks for the info! :) 15:29 tuxayo It would be on Debian's side that you could check that. (chat, forums, mailing lists) 15:31 eugene_ :D 15:33 tuxayo There is a mailing list for apache packaging and a question was asked about a sec patch. 15:33 tuxayo https://lists.debian.org/debian-apache/2021/11/msg00250.html 15:34 tuxayo This tool has been pointed 15:34 tuxayo https://security-tracker.debian.org/tracker/CVE-2021-41524 15:38 eugene_ yay.. thanks a lot on this. :) 15:38 tuxayo hum, after trying a few of the mentioned CVEs this one is marked as still affecting Debian 10 15:38 tuxayo https://security-tracker.debian.org/tracker/CVE-2021-33193 15:38 tuxayo I leave you the rest about digging or asking about this one :P