CentOS

Hi Team,

I got alert for CVE-2021-41524 on apache running below Apache 2.4.49.
Currently I have httpd-2.4.6-97.el7.centos.x86_64 but I don't see any update available yet.

Am I safe with httpd-2.4.6-97.el7.centos.x86_64 ?

Thanks,

Hi TrevorH, By default CentOS come with HTTP 2.4.6-x. Nessus always recommend to update to 2.4.41. Do I need to install httpd24 instead of default HTTP ? Here's my current HTTP Version : rpm -q --changelog httpd | more * Tue Aug 06 2019 CentOS Sources <bugs@centos.org> - 2.4.6-90.el7.centos - Remove...

Hi All, There're several security issue in apache for CVE : CVE-2019-10092, CVE-2019-10091, CVE-2019-10098 and CVE-2019-10082. Latest Apache is 2.4.41 according to https://httpd.apache.org/security/vulnerabilities_24.html. Meanwhile I can find latest of httpd in Centos-7 is httpd-2.4.6-90.el7.centos...

Great let me check on few of my servers.

When will the latest kernel release for latest set of Intel vulnerabilities ?

Dear All,

Red Hat Product Security is aware of a series of vulnerabilities - CVE-2018-12207 - Machine Check Error on Page Size Change, CVE-2019-11135 - TSX Asynchronous Abort, and CVE-2019-0155, CVE-2019-0154 - i915 graphics driver.

Regarding to CentOS 7 do we have any work around ?

Thanks,

Hi All, Another vulnerable found related to Meltdown/Spectre-style which will required kernel upgrade. Currently Redhat has release bug fix at : https://access.redhat.com/security/vulnerabilities/ssbd?sc_cid=701f2000000RUZoAAO& The latest kernel for CentOS 7 was 3.10.0-862.2.3.el7.x86_64 which is no...