The security team found a loophole in Apache version 2.4.23 so we need to upgrade Apache to version at least 2.4.56 or later. However, the developers told me it required a lot of code changes (around 60% of the entire codebase). Is this true?
Asked
Active
Viewed 129 times
1 Answers
1
As long as Apache is installed via system packages and the system is not yet end of life security patches are backported by the package maintainers to older versions.
Check the changelog of the Apache package, chances are high that your Apache is already patched, as long as security updates are installed when they become available.
Gerald Schneider
- 26,582
- 8
- 65
- 97