IT IS HTTPD upgrade but not TOMCAT, apology for the miss-use of subject. On Wed, Jun 10, 2015 at 6:50 PM, KARTHIK SHIVAKUMAR <nskarthi...@gmail.com> wrote:
> Hi > > Confused with chain mail "TOMCAT UPGRADE" or APACHE Httpd UPGRADE ??? > > Plz recorrect the subject line....[image: ðŸ˜] > On Jun 10, 2015 11:06, "Yehuda Katz" <yeh...@ymkatz.net> wrote: > >> On Tue, Jun 9, 2015 at 2:45 PM, Salami Kehinde Rasheed < >> kennysal...@gmail.com> wrote: >> >>> I need step-by-step to make apache-httpd-upgrade-2_2_29, what to >>> download and how to apply this on production environment(Window Server 2008 >>> and 2012R2) >>> >>> I want to close *Apache HTTPD: mod_status buffer overflow >>> (CVE-2014-0226)* vulnerability, >>> I want to close *Apache HTTPD: insecure LD_LIBRARY_PATH handling >>> (CVE-2012-0883)* Vulnerability >>> >>> I got advice to upgrade to 2.2.29 of httpd and I am running on window >>> server machine... Kindly assist on how I can handle this without >>> causing disruption on this operation. >>> >> >> This depends greatly on where your current distribution of HTTPD is from. >> Did you build it yourself or did you download binaries from a website and >> if so, which site? >> >> How is HTTPD set up on your current system? Does it run as a service? >> What is the path to the executables and libraries? >> Are you using any non-standard modules? >> >> You should obtain the new version from the same place you obtained the >> old version from. >> I would make a backup copy of the entire HTTPD directory and then just >> overwrite all the files except the configuration with the new files you >> downloaded. >> >> That is probably as detailed as you can get without more information >> about your current environment. >> >> - Y >> >> > -- *[image: Inline image 2]* *SALAMI KEHINDE R* *+234-8056511120*
