Hi,
I am currently using Debian Apache version on my Debian server, but when I
perform a scan, I am alerted to several vulnerabilities. Specifically, the
Apache version 2.4.x is vulnerable to multiple CVEs, including 2023-31122,
2023-43622, and 2023-45802.
I have a couple of questions: When will Debian release Apache version
2.4.58, which resolves these vulnerabilities? Also, where can I find a link
to this release and its release date? Finally, is there any way for me to
fix these vulnerabilities in the meantime?
apt policy apache2
apache2:
Installed: 2.4.56-1~deb11u2
Candidate: 2.4.56-1~deb11u2
Version table:
*** 2.4.56-1~deb11u2 500
500 http://ftp.de.debian.org/debian bullseye/main amd64 Packages
100 /var/lib/dpkg/status
root@vcloudproxy-02:~# lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 11 (bullseye)
Release: 11
Codename: bullseye
Thanks
Ali
