Current OS version: Rocky Linux 9 Current Apache version: Apache/2.4.57 (Rocky Linux) Version you want to install: httpd-2.4.62 I am trying to update the current version of Apache to httpd-2.4.62. If I use Dandified Yum, 2.4.62 does not come out. Can you tell me how to update using dnf?

[image] KIM: I have been advised to take action against an Apache security vulnerability. CVE-2024-27316 CVE-2024-24795 CVE-2023-38709 CVE-2024-27316 is addressed in mod_http2, not httpd. It has been patched in 8 and 9. There is no need to upgrade for this. CVE-2024-24795 is a low impact …

[image] KIM: I am trying to update the current version of Apache to httpd-2.4.62. What does 2.4.62 give that 2.4.57 (the default) not provide? [image] KIM: If I use Dandified Yum, 2.4.62 does not come out. Can you tell me how to update using dnf? We do not provide an updated httpd in …

Thank you for reply I have been advised to take action against an Apache security vulnerability. CVE-2024-27316 CVE-2024-24795 CVE-2023-38709

The solution is thus to update the mod_http2 – if you do use it – and use the mitigations mentioned in the RHSAs (if necessary) until Red Hat (and then Rocky) releases fixes for the other two CVE. The Apache in Rocky 9 is not “Apache/2.4.57” it is EL9 version originally forked from Apache/2.4.57. …

nazunalika , Hello, Thank you for the clarification, and I’d like to take this opportunity to ask for some help if possible. I’m facing a similar situation after a black box cyber assessment. The following CVEs were reported. If you have any suggestions, I would greatly appreciate it. CVE-2024-363…

@suraydan you can use dnf commands grepping the changelog for the CVE’s: root@rocky9:~# dnf changelog httpd | egrep "36387|38472|38473|39474|38475|38476|38477|39573" response headers are malicious or exploitable (CVE-2024-38476) mod_proxy (CVE-2024-38473) mod_proxy (CVE-2024-38477) - Resolves…

[image] iwalker: u can use dnf commands grepping the changelog for the CVE’s: Thank you again for your quick response and help. I will follow your guidance. Great work, and congratulations on the help you’ve been providing on the forum. thanks for contributing

[image] hcliao: I couldn’t find them in any changelog of mod_http2 rpms. Easy enough to find using google: 2243877 – (CVE-2023-45802) CVE-2023-45802 mod_http2: reset requests exhaust memory (incomplete fix of CVE-2023-44487)

Sorry about the confusion. I didn’t clarify my question. My question is that if mod_http2 package in Rocky Linux 9.4 - “2.0.26-2.el9_4 (lastest package)” has backporting fixes for these two CVEs - CVE-2023-45802 and CVE-2023-43622? I have this question because when I ran following command under Rock…

Hi All, I found this: [image] imports/r9-beta/mod_http2-2.0.26-1.el9 · Tags · staging / rpms / mod_http2 ·... GitLab Enterprise Edition Looks like it imprts mod_http2-2.0.26-1.el9 from RedHat. Thus the latest mod_http2-2.0.26-2.el9 should have already fixed …

How can I update httpd to 2.4.62

Rocky Linux Help & Support

hcliao September 12, 2024, 12:07pm 9

Hi,

Are these two CVEs of mod_http2 in RHSA-2024:2368 fixed in mod_http2.x86_64 2.0.26-2.el9_4?

CVE-2023-45802
CVE-2023-43622

I couldn’t find them in any changelog of mod_http2 rpms.

Thanks!

Topic		Replies	Views
How to upgrade apache httpd to 2.4.64 to remediate vulnerabilties Rocky Linux Help & Support rocky-linux-9	5	3092	July 31, 2025
How to upgrade apche http to 2.4.62 to remediate vulnerabilties Rocky Linux Help & Support rocky-linux-8	5	623	January 17, 2025
Upgrade Apache (httpd) to most recent version on Rocky 8.8 Rocky Linux Help & Support	6	5692	July 21, 2023
The latest httpd rpm version in Rocky 8 is vulnerable and fix not available Rocky Linux Help & Support rocky-linux-8	6	1025	October 9, 2024
Upgrade Apache to the latest version 2.4.54 Rocky Linux Help & Support	6	6981	January 3, 2023

How can I update httpd to 2.4.62

Related topics