From 586fbe0aeb855e2a2a2895b07301b203b5b2022d Mon Sep 17 00:00:00 2001
From: Sylvain Beucler <beuc@beuc.net>
Date: Wed, 1 Dec 2021 18:20:05 +0100
Subject: CVE-2021-36160/apache2: reference upstream'd regression patch

---
 data/CVE/list.2021 | 1 +
 1 file changed, 1 insertion(+)

diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 4cf9f58fc3..ed4f5ecf68 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -19530,6 +19530,7 @@ CVE-2021-36160 (A carefully crafted request uri-path can cause mod_proxy_uwsgi t
 	NOTE: uwsgi since 2.0.15-11 drops building the libapache2-mod-proxy-uwsgi{,-dbg}
 	NOTE: packages which are provided by src:apache2 itself.
 	NOTE: Regression report: https://bz.apache.org/bugzilla/show_bug.cgi?id=65616
+	NOTE: Regression patch: https://github.com/apache/httpd/commit/8966e290a6e947fad0289bf4e243b0b552e13726 (2.4.x)
 CVE-2021-36159 (libfetch before 2021-07-26, as used in apk-tools, xbps, and other prod ...)
 	NOT-FOR-US: libfetch
 CVE-2021-36158 (In the xrdp package (in branches through 3.14) for Alpine Linux, RDP s ...)
-- 
cgit v1.2.3