Hi Support,
I found that there are several vulnerabilities for Apache and OpenSSL in Rocky 8.6 by third-party vulnerability scanning system as follows:-
For Apache:-
CVE-2019-0217
CVE-2019-0220
CVE-2019-10092
CVE-2019-10098
CVE-2020-1934
CVE-2022-22721
CVE-2022-26377
CVE-2022-28614
CVE-2022-28615
CVE-2022-31813
For OpenSSL:-
CVE-2023-0215
And, I checked the exact installed version of Apache2 and OpenSSL by using “dnf list installed” as follows:-
httpd.x86_64 2.4.37-47.module+el8.6.0+985+b8ff6398.2
openssl.x86_64 1:1.1.1k-7.el8_6
I would like to know where to find the change log for both Apache (2.4.37-47.module+el8.6.0+985+b8ff6398.2) and OpenSSL (1:1.1.1k-7.el8_6) so that I can confirm whether the above CVEs can be solved or not?
Many thanks