Update to version 2.10.0. Aside from the new upstream features, this update also refreshes many bundled dependencies, fixing a few CVEs. https://github.com/caddyserver/caddy/releases/tag/v2.10.0
Comment
Juray Sarinay discovered that PDF documents signed with the adbe.pkcs7.sha1 standard were incompletely validated by LibreOffice, which could cause invalid signatures to be accepted as legitimate.
Several security issues were fixed in Mistral.
Apache Tomcat could be made to crash if it received specially crafted network traffic.
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.