Apache httpd vulnerabilities (CVE-2017-3167, 3169, 7668, 7679)

Support for security such as Firewalls and securing linux
Post Reply
dntty
Posts: 2
Joined: 2017/07/07 06:53:22

Apache httpd vulnerabilities (CVE-2017-3167, 3169, 7668, 7679)

Post by dntty » 2017/07/07 07:16:22


User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Apache httpd vulnerabilities (CVE-2017-3167, 3169, 7668, 7679)

Post by TrevorH » 2017/07/07 09:48:29

CentOS 7 is a rebuild of RHEL 7 so when Redhat fix these and release them, they will get rebuilt and released by CentOS.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

dntty
Posts: 2
Joined: 2017/07/07 06:53:22

Re: Apache httpd vulnerabilities (CVE-2017-3167, 3169, 7668, 7679)

Post by dntty » 2017/07/07 10:19:22

Thanks for your reply. I will contact RedHat about release progress.

pmbento
Posts: 2
Joined: 2017/09/06 14:44:19

Re: Apache httpd vulnerabilities (CVE-2017-3167, 3169, 7668, 7679)

Post by pmbento » 2017/09/06 15:06:23

Hi,

Is there an ETA to release the fixes for CentOS 7?

Thank you.

User avatar
TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Apache httpd vulnerabilities (CVE-2017-3167, 3169, 7668, 7679)

Post by TrevorH » 2017/09/06 17:01:02

They are part of 7.4 which is already available in the CR repo.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke

pmbento
Posts: 2
Joined: 2017/09/06 14:44:19

Re: Apache httpd vulnerabilities (CVE-2017-3167, 3169, 7668, 7679)

Post by pmbento » 2017/09/11 17:58:48

Thank you Trevor.

What about the current stable release (7.3)?
TrevorH wrote:They are part of 7.4 which is already available in the CR repo.

User avatar
avij
Retired Moderator
Posts: 3046
Joined: 2010/12/01 19:25:52
Location: Helsinki, Finland
Contact:

Re: Apache httpd vulnerabilities (CVE-2017-3167, 3169, 7668, 7679)

Post by avij » 2017/09/11 18:30:07

CentOS 7.3.1611 stopped receiving updates the moment RHEL 7.4 was released. Those httpd updates are now available in the CR repo, and those updates will also be included in CentOS 7.4.1708 when it gets released.

lightman47
Posts: 1521
Joined: 2014/05/21 20:16:00
Location: Central New York, USA

Re: Apache httpd vulnerabilities (CVE-2017-3167, 3169, 7668, 7679)

Post by lightman47 » 2017/09/11 20:10:52

to both of you, this should solve your issues if they are immediate -

Code: Select all

yum update --enablerepo=cr
I did it on all my machines; worked great.

Post Reply