[MS4W-Users] Apache in MS4W?
Andrew Tegenkamp
ategenkamp at interactivegis.com
Fri Oct 15 21:03:36 UTC 2021
We are using MS4W 4.0.5 and so our Apache version is 2.4.46, and were
recently asked about the "Path Traversal and Remote Code Execution
vulnerabilities (CVE-2021-41773, CVE-2021-42013) in Apache HTTP Server"
as that patch is making the rounds on security and tech sites.
My current best understanding is a quote from a ZDNet article that says
"This issue only affects Apache 2.4.49 and Apache 2.4.50 and not earlier
versions." but I'd like to be sure and confirm this. That said, I want
to provide the correct information to the person asking, and am reaching
out to see if the Apache in MS4W needs a patch, upgrade, or no action.
Can anyone that knows please help me understand this specifically and
any tips or best practices used to deal with Apache news like this in
the future?
Thanks.
RE:
https://www.zdnet.com/article/additional-fixes-released-addressing-apache-http-server-issue/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ms4w.com/pipermail/ms4w-users/attachments/20211015/abf6b490/attachment.htm>
More information about the MS4W-Users
mailing list