CVE-2022-22720

Support for security such as Firewalls and securing linux
Post Reply
tmandel
Posts: 8
Joined: 2022/01/25 13:38:52

CVE-2022-22720

Post by tmandel » 2022/03/24 15:01:33

Dear team,

RH just released corrected package for httpd on RH7 ( https://access.redhat.com/errata/RHSA-2022:1045 ), could you please confirm that it's going to be in your pipe for recompilation and will be distributed on your security repository?

Many thanks for your support.

Regards,
Thelvaen

User avatar
TrevorH
Forum Moderator
Posts: 32133
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CVE-2022-22720

Post by TrevorH » 2022/03/24 16:34:54

CentOS 7 is supported until the EOL of RHEL 7 in 2024. Anything released for RHEL will be rebuilt for CentOS. The package you mention is in the build queue.
CentOS 8 died a premature death at the end of 2021 - migrate to Rocky/Alma/OEL/Springdale ASAP.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are dead, do not use them.
Use the FAQ Luke

tmandel
Posts: 8
Joined: 2022/01/25 13:38:52

Re: CVE-2022-22720

Post by tmandel » 2022/03/25 00:46:07

Many thanks for your feedback.

Regards,
Thelvaen

beattodeath
Posts: 1
Joined: 2022/04/15 06:41:20

Re: CVE-2022-22720

Post by beattodeath » 2022/04/15 06:49:49

Hi
Does anyone know if this vulnerability has been fixed in this httpd version v2.4.6-97 ?

User avatar
TrevorH
Forum Moderator
Posts: 32133
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CVE-2022-22720

Post by TrevorH » 2022/04/15 11:10:51

It's fixed in httpd-2.4.6-97.el7.centos.5.x86_64. The .centos.5 is important.
CentOS 8 died a premature death at the end of 2021 - migrate to Rocky/Alma/OEL/Springdale ASAP.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are dead, do not use them.
Use the FAQ Luke

akyadav
Posts: 1
Joined: 2022/08/05 15:56:17

Re: CVE-2022-22720

Post by akyadav » 2022/08/05 15:57:52

Any idea, when the new centos build with this httpd update would be available ?

User avatar
TrevorH
Forum Moderator
Posts: 32133
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: CVE-2022-22720

Post by TrevorH » 2022/08/05 16:44:30

akyadav wrote:
2022/08/05 15:57:52
Any idea, when the new centos build with this httpd update would be available ?
About 4 months ago.
CentOS 8 died a premature death at the end of 2021 - migrate to Rocky/Alma/OEL/Springdale ASAP.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are dead, do not use them.
Use the FAQ Luke

Post Reply