I have been asked by my Security group to upgrade to Apache v.2.4.34. Does CentOS have a release date for an upcoming patch that will automate this process? CentOS 7 .4.1708. How upgrade ?
Now installed:
Server version: Apache/2.4.6 (CentOS)
Apache httpd 2.4.34 Released
Re: Apache httpd 2.4.34 Released
In addition, 7.4.1708 is old. You should run yum update to get 7.5.1804.TrevorH wrote: ↑2017/01/10 15:20:55You should refer your security group to the RHEL backports page https://access.redhat.com/security/updates/backporting which explains the process that RH use. You can also use rpm -q --changelog httpd | grep CVE-yyyy-nnnn to see the entries in the rpm changelog showing that a particular CVE is fixed in the RH copy. If that comes up blank then you can also check https://access.redhat.com/security/cve/CVE-yyyy-nnnn for the current status according to RH - often it will say that the CVE is not applicable to the RHEL build as such-and-such a feature is not enabled so it is not vulnerable.