httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Richard <>
Subject Re: [users@httpd] Apache HTTP Server Prior to 2.4.12 Multiple Vulnerabilities
Date Tue, 18 Jun 2019 11:41:38 GMT

> Date: Tuesday, June 18, 2019 05:38:50 +0000
> From: Satish Chhatpar 02 <>
> How to patch Apache 2.4.6 to latest release on RHEL 7.4?

RedHat backports patches to the base version, keeping the version
number stable within an OS release. I.e., RH-7 will maintain the
2.4.6 httpd version number. You need to look at the number after that
(currently 2.4.6-89) to see the incremental change numbering. You can
look up the CVEs against RH's change log and/or update announcements
for a package to see that an issue has been addressed. From what I
have seen, RH tends to have updated httpd packages out very quickly
following a vulnerability announcement.

By the way, RH-7 is currently at .6, which came out late last year. A
.4 system is missing about 18 months of updates.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message