Hi Jeremy, On Thu, May 15, 2025 at 10:50:34PM +0200, Jérémy Lal wrote: > Also https://nodejs.org/en/blog/release/v20.19.2/ > mentions > CVE-2024-27982 http: do not allow OBS fold in headers by default
Question on this one, this was already fixed in v18.20.1 and we did got the fix included in 18.20.1+dfsg-1 correct? Did we lost the fix afterwards? Do we likely have other such problems (maybe from the april 2024 release CVEs)? Regards, Salvatore
