Howdy all,
There’s a new set of httpd packages in the CentOS 7 repos. It addresses CVE 2017-9788.
https://access.redhat.com/security/cve/CVE-2017-9788
Being a security update, everyone should update immediately.
Let us know if you find any problems.
Cheers,
Joe
Should be an update for CentOS 6 as well —
AH, well I guess in a sense I’m wrong because it’s only a patch for 2.4 and that’s only out of the software collections. Thanks for the prompt attention to this.
Yeah, as far as I know, we already have the latest httpd package available for CentOS 6. If ever you see us distributing an out of date httpd, please do let me know. I subscribe to the security mailing list, but I get so much mail I manage to miss httpd updates now and then.