On Wed, Apr 3, 2019 at 10:18 AM LuKreme <kremels@xxxxxxxxx> wrote: > > On Apr 3, 2019, at 02:05, Hajo Locke <Hajo.Locke@xxxxxx> wrote: > > Is apache 2.2 exploitable by CVE-2019-0211 ? > > Description says that first affected version is 2.4.17, but may be 2.2 was not analyzed. > > “Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38” seems clear. Since Apache httpd 2.2 is not supported anymore, it is quite possible that nobody has checked if 2.2 is affected. However, it looks like redhat has checked for their old RHEL releases that ship with 2.2 and they appear to be unaffected: https://access.redhat.com/security/cve/cve-2019-0211 rainer --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|