Faille de sécurité Apache

Bonjour

pour signaler une faille de sécurité dans les serveurs apache
https://nakedsecurity.sophos.com/2021/10/06/apache-web-server-zero-day-bug-is-easy-to-exploit-patch-now/

Intriguingly, given the nature of the bug, this flaw, dubbed CVE-2021-41773, was introduced less than a month ago, in Apache 2.4.49.

Ironically, this means that Apache users who were sloppy about updating last time, and are still back on 2.4.48 or earlier, will skip over this vulnerability altogether.

To patch against the bug, upgrade immediately to Apache 2.4.50

Dino

1 « J'aime »

upgrade immediately to Apache 2.4.50

La faille n’est pas encore arrivée dans Debian. :slight_smile:

1 « J'aime »