httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Richard <lists-apa...@listmail.innovate.net>
Subject Re: [users@httpd] Apache HTTP Server Prior to 2.4.12 Multiple Vulnerabilities
Date Tue, 18 Jun 2019 11:41:38 GMT


> Date: Tuesday, June 18, 2019 05:38:50 +0000
> From: Satish Chhatpar 02 <ChhatpS02@cpwplc.com>
>
> How to patch Apache 2.4.6 to latest release on RHEL 7.4?
> 

RedHat backports patches to the base version, keeping the version
number stable within an OS release. I.e., RH-7 will maintain the
2.4.6 httpd version number. You need to look at the number after that
(currently 2.4.6-89) to see the incremental change numbering. You can
look up the CVEs against RH's change log and/or update announcements
for a package to see that an issue has been addressed. From what I
have seen, RH tends to have updated httpd packages out very quickly
following a vulnerability announcement.

By the way, RH-7 is currently at .6, which came out late last year. A
.4 system is missing about 18 months of updates.



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message