Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

Guidance for Apache HTTP Server 2.4 vulnerabilities

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
L4 Transporter
No ratings
Spoiler
Last update 23/MAY/2024 

Advisory:

Guidance for Apache HTTP Server 2.4 vulnerabilities described in the official apache.org site:  https://httpd.apache.org/security/vulnerabilities_24.html

 

Affected version:Fix for CVE detected on Apache HTTP Server 2.4 versions from 2.4.1 to 2.4.59.

 

Update 2.4.59 released 2024-04-04
Affects <=2.4.58

 

Diagnosis

Execute below command to check the version of Apache HTTP Server 2.4:

 

sudo apt list --installed | grep apache

 

If the output showing version less than 2.4.59, you will need to perform the steps to upgrade the apache2 libraries.

Solution

Prerequisites: Your Expedition VM should have connectivity to http://ppa.launchpad.net and subdomains. ONLY required to do the libraries upgrade.

Note: Optionally consider to take an snapshot of your VM.

 

In Expedition CLI execute below commands:

 

  1. Update the package repository:
    sudo apt-add-repository ppa:ondrej/apache2
  2. Install deb lib packages:
    sudo apt-get install apache2
  3. Check packages are installed
    sudo apt list --installed | grep apache
    Expected output:
    apache2-bin/focal,now 2.4.59-1+ubuntu20.04.1+deb.sury.org+1 amd64 [installed,automatic]
    apache2-data/focal,now 2.4.59-1+ubuntu20.04.1+deb.sury.org+1 all [installed,automatic]
    apache2-utils/focal,now 2.4.59-1+ubuntu20.04.1+deb.sury.org+1 amd64 [installed,automatic]
    apache2/focal,now 2.4.59-1+ubuntu20.04.1+deb.sury.org+1 amd64 [installed]
    libapache2-mod-php7.0/now 7.0.33-57+ubuntu20.04.1+deb.sury.org+1 amd64 [installed,upgradable to: 7.0.33-74+ubuntu20.04.1+deb.sury.org+1]
  4. Make /tmp folder writable for apache2 service
    • Open file to edit: sudo vi /lib/systemd/system/apache2.service
    • Change setting PrivateTmp from true to false (PrivateTmp=false)
    • Save file and restart below services: sudo systemctl daemon-reload; sudo systemctl restart apache2
  5. Access via UI and restart the Task Management
Rate this article:
  • 5324 Views
  • 0 comments
  • 0 Likes
Register or Sign-in
Contributors
Article Dashboard
Version history
Last Updated:
‎05-23-2024 09:41 AM
Updated by: