Upgrade Apache to the latest version 2.4.54

jlehtone · January 1, 2023, 1:50pm

The answer is “no”.

Rocky has what RHEL has and Red Hat backports features and fixes into the RHEL. See https://access.redhat.com/solutions/57665

https://access.redhat.com/security/cve/cve-2022-30556 claims that CVE-2022-30556 is “Fixed” in RHEL 9. Indeed, it is mentioned in the 2.4.53-7:

$ sudo dnf rq --changelogs httpd | head -15
Last metadata expiration check: 0:02:12 ago on Sun 01 Jan 2023 03:45:02 PM EET.
Changelog for httpd-2.4.53-7.el9.x86_64
* Wed Jul 20 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-7
- Resolves: #2094997 - CVE-2022-26377 httpd: mod_proxy_ajp: Possible request
  smuggling
- Resolves: #2097032 - CVE-2022-28615 httpd: out-of-bounds read in 
  ap_strcmp_match()
- Resolves: #2098248 - CVE-2022-31813 httpd: mod_proxy: X-Forwarded-For dropped
  by hop-by-hop mechanism
- Resolves: #2097016 - CVE-2022-28614 httpd: out-of-bounds read via ap_rwrite()
- Resolves: #2097452 - CVE-2022-29404 httpd: mod_lua: DoS in r:parsebody
- Resolves: #2097459 - CVE-2022-30522 httpd: mod_sed: DoS vulnerability
- Resolves: #2097481 - CVE-2022-30556 httpd: mod_lua: Information disclosure
  with websockets

* Mon Jun 27 2022 Luboš Uhliarik <luhliari@redhat.com> - 2.4.53-6

Topic		Replies	Views
New versions Apache Off-Topic	3	686	May 13, 2024
Upgrade Apache (httpd) to most recent version on Rocky 8.8 Rocky Linux Help & Support	6	5146	July 21, 2023
How can I update httpd to 2.4.62 Rocky Linux Help & Support rocky-linux-9	13	3767	November 15, 2024
CVE-2022-22720 Apache Vulnerability and ongoing app security patches Rocky Linux Help & Support	3	958	August 25, 2023
Upgrade apache and OpenSSL in Rocky 8.6 Rocky Linux Help & Support	2	1283	August 25, 2023

Upgrade Apache to the latest version 2.4.54

Related topics