- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
11-16-2023 01:17 AM - edited 11-16-2023 07:08 AM
Guidance for Apache HTTP Server 2.4 vulnerabilities (11/06/2023)
CVE-2021-44790
Affected version: Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.57.
Update 2.4.58 released | 2023-10-19 |
Affects | <=2.4.57 |
Execute below command to check the version of Apache HTTP Server 2.4:
sudo apt list --installed | grep apache
If the output showing version less than 2.4.58, you will need to perform the steps to upgrade the apache2 libraries.
Prerequisites: Your Expedition VM should have connectivity to http://ppa.launchpad.net and subdomains. ONLY required to do the libraries upgrade.
In Expedition CLI execute below commands:
apache2-bin/focal,now 2.4.58-1+ubuntu20.04.1+deb.sury.org+1 amd64 [installed,automatic]
apache2-data/focal,now 2.4.58-1+ubuntu20.04.1+deb.sury.org+1 all [installed,automatic]
apache2-utils/focal,now 2.4.58-1+ubuntu20.04.1+deb.sury.org+1 amd64 [installed,automatic]
apache2/focal,now 2.4.58-1+ubuntu20.04.1+deb.sury.org+1 amd64 [installed]
libapache2-mod-php7.0/now 7.0.33-57+ubuntu20.04.1+deb.sury.org+1 amd64 [installed,upgradable to: 7.0.33-68+ubuntu20.04.1+deb.sury.org+2]