Hey! I’m trying to figure out if CVE-2019-0211 affects HTTPD within Rocky, and whether this has a remediated version available.
So far I’ve not been able to find it listed in any of the errata, but I was able to find some references within the r8-stream-2.4 repo on Git: SOURCES · r8-stream-2.4 · staging / rpms / httpd · GitLab
httpd-2.4.37-CVE-2019-0211.patch import httpd-2.4.37-30.module+el8.3.0+7001+0766b9e7
This commit leads to what appears to be a patch for this vulnerability: SOURCES/httpd-2.4.37-CVE-2019-0211.patch · r8-stream-2.4 · staging / rpms / httpd · GitLab
But I’m not overly familiar with HTTPD and can’t quite determine if there’s a fix for this vulnerability present in the code changes above.
From the commit above, would this version of httpd-2.4.37-30.module+el8.3.0+7001+0766b9e7 be considered a remediation for the vulnerability? If so, is it being missing from the errata an oversight or is there a reason for it not being included?