Update Virtualmin packaged httpd RPM to remediate CVE-2021-40438?

SYSTEM INFORMATION
OS type and version: RHEL 7.9
Webmin version: 1.981-1
Virtualmin version: 3:6.17.pro-3
Related products version: Apache

Howdy Virtualmin folk!

We use the version of httpd/mod_ssl packaged in the virtualmin repo, and I wanted to ask when y’all might have the security update to deal with the newest CVE (CVE-2021-40438) in.

I suspect this is on your radar, but wanted to check.

Thanks!
~james

Dang, I didn’t even see that one. They didn’t bump the version, it’s just got a revision bump, so I didn’t notice it. Building now.

Thanks for the heads up.

OK, there should be an update available. Let me know if you have any problems.

This topic was automatically closed 8 days after the last reply. New replies are no longer allowed.