Hello, Am 03.04.2019 um 11:06 schrieb Rainer Canavan:
On Wed, Apr 3, 2019 at 10:18 AM LuKreme <kremels@xxxxxxxxx> wrote:On Apr 3, 2019, at 02:05, Hajo Locke <Hajo.Locke@xxxxxx> wrote:Is apache 2.2 exploitable by CVE-2019-0211 ? Description says that first affected version is 2.4.17, but may be 2.2 was not analyzed.“Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38” seems clear.Since Apache httpd 2.2 is not supported anymore, it is quite possible that nobody has checked if 2.2 is affected. However, it looks like redhat has checked for their old RHEL releases that ship with 2.2 and they appear to be unaffected: https://access.redhat.com/security/cve/cve-2019-0211 rainer
thanks Reiner, i hoped but did not know that some LTS distribution still supports 2.2
--------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
Thanks, Hajo --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|