* SECURITY UPDATE: buffer underwrite in ap_regname() via crafted regular
expressions in the configuration
- debian/patches/CVE-2026-44631.patch: cast the PCRE name-table capture
index bytes to unsigned char in ap_regname() in server/util_pcre.c so a
high bit no longer sign-extends the capture index to a negative value,
and reject capture group numbers above 1024 by returning an error that
the
// and configuration handlers in
server/core.c and modules/proxy/mod_proxy.c now check, preventing a
buffer underwrite. Upstream fix
7d9f3cfb10b0fe70df7358d26d7b1f374ea1a0cb (SVN r1935015).
- CVE-2026-44631