Is CVE-2016-8743 fixed in Apache 2.4.18
Asked by
Brent Shinn
on 2017-04-07
My vulnerability scans come up with:
Apache HTTPD: Apache HTTP Request Parsing Whitespace Defects (CVE-2016-8743)
Then it recommends that we upgrade to Apache 2.4.25 where this problem is corrected. One of the developers here said that Canonical has probably aleady fixed this in 2.4.18, but I can find any information to corroborate that.
Is (CVE-2016-8743) fixed in 2.4.18, or should I just upgrade Apache to 2.4.25?
Question information
- Language:
- English Edit question
- Status:
- Solved
- For:
- Ubuntu apache2 Edit question
- Assignee:
- No assignee Edit question
- Solved by:
- Manfred Hampl
- Solved:
- 2017-04-10
- Last query:
- 2017-04-10
- Last reply:
- 2017-04-08
https:/
Doesn't seem so. I suggest you report a bug
|
#2 |
the fix is apparently still missing, see
see https:/
and https:/
Brent Shinn (brents-z) said : | #3 |
Thanks for finding those for me.
To post a message you must log in.