On 3/7/24 20:52, Ali Ramzan wrote:
Hi,
I am currently using Debian Apache version on my Debian server, but when
I perform a scan, I am alerted to several vulnerabilities. Specifically,
the Apache version 2.4.x is vulnerable to multiple CVEs, including
2023-31122, 2023-43622, and 2023-45802.
I have a couple of questions: When will Debian release Apache version
2.4.58, which resolves these vulnerabilities? Also, where can I find a
link to this release and its release date? Finally, is there any way for
me to fix these vulnerabilities in the meantime?
Hi,
version 2.4.58 doesn't contain important CVE fixes, only minor/medium.
So it will be updated during a Debian point release and not in security
branch.
Cheers,
Yadd
