[vagrant@localhost ~]$ httpd -v
Server version: Apache/2.2.15 (Unix)
Server built: Jun 19 2018 15:45:13
[vagrant@localhost ~]$ apachectl -v
Server version: Apache/2.2.15 (Unix)
Server built: Jun 19 2018 15:45:13
The Apache HTTP Server Project has released “Apache HTTP Server 2.4.39” that addresses six vulnerabilities. This update fixes six vulnerabilities, including CVE-2019-0211, which may allow code execution with higher privileges.
In addition to “CVE-2019-0211”, “CVE-2019-0217” may be authenticated by another user in Digest authentication, and “CVE-2019-2015” may bypass access control by the client certificate. As for “,” the vulnerability is rated as “Important”, which is the second of four in the rating.
In addition, the three vulnerabilities with the lowest “Low” severity of vulnerability listed as “Low” fix “CVE-2019-0196”, “CVE-2019-0197”, “CVE-2019-0220” did.
なるほど、脆弱性に対応してるのね。
