Page 1 of 1

CVE-2022-22720

Posted: 2022/03/24 15:01:33
by tmandel
Dear team,

RH just released corrected package for httpd on RH7 ( https://access.redhat.com/errata/RHSA-2022:1045 ), could you please confirm that it's going to be in your pipe for recompilation and will be distributed on your security repository?

Many thanks for your support.

Regards,
Thelvaen

Re: CVE-2022-22720

Posted: 2022/03/24 16:34:54
by TrevorH
CentOS 7 is supported until the EOL of RHEL 7 in 2024. Anything released for RHEL will be rebuilt for CentOS. The package you mention is in the build queue.

Re: CVE-2022-22720

Posted: 2022/03/25 00:46:07
by tmandel
Many thanks for your feedback.

Regards,
Thelvaen

Re: CVE-2022-22720

Posted: 2022/04/15 06:49:49
by beattodeath
Hi
Does anyone know if this vulnerability has been fixed in this httpd version v2.4.6-97 ?

Re: CVE-2022-22720

Posted: 2022/04/15 11:10:51
by TrevorH
It's fixed in httpd-2.4.6-97.el7.centos.5.x86_64. The .centos.5 is important.

Re: CVE-2022-22720

Posted: 2022/08/05 15:57:52
by akyadav
Any idea, when the new centos build with this httpd update would be available ?

Re: CVE-2022-22720

Posted: 2022/08/05 16:44:30
by TrevorH
akyadav wrote:
2022/08/05 15:57:52
Any idea, when the new centos build with this httpd update would be available ?
About 4 months ago.