On Thu, Nov 07, 2024 at 10:36:57AM +0100, Kirill A. Korinsky wrote: > ports@, > > Here an update for devel/apr to 1.7.5 which was released August 26, 2024 and > which contains fix CVE-2023-49582. > > Tested on -current/amd64 by rebuilding: > - devel/apr-util > - devel/subversion > - net/serf > - www/ap2-mod_dnssd > - www/ap2-mod_perl > - www/apache-httpd > - www/p5-libapreq2 > > /usr/src/lib/check_sym confrims that only one symbols was added. > > Ok for -current and 7.6?
OK stsp@, thanks. I already know that subversion and serf work fine with this. Not sure about the other ports. But we do not really have a better choice than upgrading devel/apr in any case.
