I think to fix the CVE you can simply do the addition to the struct at the end instead of in the middle. That should avoid the shifting which ultimately caused this bug. Might not be the most beautiful option but that might be the only option that doesn't require rebuilding all packages.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2155992 Title: headers-more dynamic module crash | Signal 11 and 6 Crashes due to ABI breakage on 1.24.0-2ubuntu7.10 and 1.28.3-2ubuntu1.3 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libnginx-mod-http-dav-ext/+bug/2155992/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
