Search found 7 matches

by somaraz
2021/10/08 05:13:21
Forum: CentOS 7 - Security Support
Topic: Apache CVE : CVE-2021-41524
Replies: 3
Views: 749

Apache CVE : CVE-2021-41524

Hi Team,

I got alert for CVE-2021-41524 on apache running below Apache 2.4.49.
Currently I have httpd-2.4.6-97.el7.centos.x86_64 but I don't see any update available yet.

Am I safe with httpd-2.4.6-97.el7.centos.x86_64 ?

Thanks,
by somaraz
2020/03/03 08:33:47
Forum: CentOS 7 - Security Support
Topic: Apache HTTP httpd-2.4.6-90.el7.centos.x86_64 Vulnerable CVE-2019-10092
Replies: 3
Views: 3250

Re: Apache HTTP httpd-2.4.6-90.el7.centos.x86_64 Vulnerable CVE-2019-10092

Hi TrevorH, By default CentOS come with HTTP 2.4.6-x. Nessus always recommend to update to 2.4.41. Do I need to install httpd24 instead of default HTTP ? Here's my current HTTP Version : rpm -q --changelog httpd | more * Tue Aug 06 2019 CentOS Sources <bugs@centos.org> - 2.4.6-90.el7.centos - Remove...
by somaraz
2020/03/03 08:10:02
Forum: CentOS 7 - Security Support
Topic: Apache HTTP httpd-2.4.6-90.el7.centos.x86_64 Vulnerable CVE-2019-10092
Replies: 3
Views: 3250

Apache HTTP httpd-2.4.6-90.el7.centos.x86_64 Vulnerable CVE-2019-10092

Hi All, There're several security issue in apache for CVE : CVE-2019-10092, CVE-2019-10091, CVE-2019-10098 and CVE-2019-10082. Latest Apache is 2.4.41 according to https://httpd.apache.org/security/vulnerabilities_24.html. Meanwhile I can find latest of httpd in Centos-7 is httpd-2.4.6-90.el7.centos...
by somaraz
2019/11/14 08:52:37
Forum: CentOS 7 - Security Support
Topic: Security update series of three Common Exposures and Vulnerabilities
Replies: 7
Views: 1429

Re: Security update series of three Common Exposures and Vulnerabilities

When will the latest kernel release for latest set of Intel vulnerabilities ? :D
by somaraz
2019/11/14 02:08:15
Forum: CentOS 7 - Security Support
Topic: Security update series of three Common Exposures and Vulnerabilities
Replies: 7
Views: 1429

Security update series of three Common Exposures and Vulnerabilities

Dear All,

Red Hat Product Security is aware of a series of vulnerabilities - CVE-2018-12207 - Machine Check Error on Page Size Change, CVE-2019-11135 - TSX Asynchronous Abort, and CVE-2019-0155, CVE-2019-0154 - i915 graphics driver.

Regarding to CentOS 7 do we have any work around ?

Thanks,
by somaraz
2018/05/22 03:28:24
Forum: CentOS 7 - Security Support
Topic: Speculative execution, variant 4 : speculative store bypass - CVE-2018-3639
Replies: 8
Views: 2393

Speculative execution, variant 4 : speculative store bypass - CVE-2018-3639

Hi All, Another vulnerable found related to Meltdown/Spectre-style which will required kernel upgrade. Currently Redhat has release bug fix at : https://access.redhat.com/security/vulnerabilities/ssbd?sc_cid=701f2000000RUZoAAO& The latest kernel for CentOS 7 was 3.10.0-862.2.3.el7.x86_64 which is no...

Go to advanced search