Hi Confused with chain mail "TOMCAT UPGRADE" or APACHE Httpd UPGRADE ???
Plz recorrect the subject line....😠On Jun 10, 2015 11:06, "Yehuda Katz" <yeh...@ymkatz.net> wrote: > On Tue, Jun 9, 2015 at 2:45 PM, Salami Kehinde Rasheed < > kennysal...@gmail.com> wrote: > >> I need step-by-step to make apache-httpd-upgrade-2_2_29, what to >> download and how to apply this on production environment(Window Server 2008 >> and 2012R2) >> >> I want to close *Apache HTTPD: mod_status buffer overflow >> (CVE-2014-0226)* vulnerability, >> I want to close *Apache HTTPD: insecure LD_LIBRARY_PATH handling >> (CVE-2012-0883)* Vulnerability >> >> I got advice to upgrade to 2.2.29 of httpd and I am running on window >> server machine... Kindly assist on how I can handle this without >> causing disruption on this operation. >> > > This depends greatly on where your current distribution of HTTPD is from. > Did you build it yourself or did you download binaries from a website and > if so, which site? > > How is HTTPD set up on your current system? Does it run as a service? What > is the path to the executables and libraries? > Are you using any non-standard modules? > > You should obtain the new version from the same place you obtained the old > version from. > I would make a backup copy of the entire HTTPD directory and then just > overwrite all the files except the configuration with the new files you > downloaded. > > That is probably as detailed as you can get without more information about > your current environment. > > - Y > >
