• chameleon@kbin.social
    link
    fedilink
    arrow-up
    7
    ·
    10 months ago

    Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental

    Do note that despite not being enabled by default, it is enabled in the official binary packages.

    There’s a funny amount of layers to this thing but as far as I’m concerned, if it’s a feature you ship in the default binary packages on your site, that is definitively enough for a CVE even if it’s disabled by default.