Hi, could you please update the Apache packages in the BookStack image to at least: ```text apache2 >= 2.4.67-1~deb12u2 apache2-bin >= 2.4.67-1~deb12u2 ``` primary because of: - CVE-2026-23918 - HTTP/2 Double Free / mögliche RCE - CVE-2026-24072 - Privilege Escalation in verschiedenen Modulen - CVE-2026-29169 - NULL Pointer Dereference in mod_dav_lock - CVE-2026-33007 - NULL Pointer Dereference in mod_authn_socache - CVE-2026-34032 - Improper Null Termination / Out-of-bounds Read - CVE-2026-33857 - Out-of-bounds Read in mod_proxy_ajp References: * https://httpd.apache.org/security/vulnerabilities_24.html Checked `solidnerd/bookstack:26.3.4`, seems to contain Apache 2.4.66, while Apache upstream lists 2.4.67 as the fixed version. Thanks a lot.
Hi,
could you please update the Apache packages in the BookStack image to at least:
primary because of:
References:
Checked
solidnerd/bookstack:26.3.4, seems to contain Apache 2.4.66, while Apache upstream lists 2.4.67 as the fixed version.Thanks a lot.