Apache httpd cve-2021-40438

jeff.ohrstrom · December 21, 2021, 4:03pm

All sites should update apache httpd or httpd24-httpd for cve-2021-40438 if you haven’t already done so. Here’s the RHEL link for the same. It should be as simple as updating that package.

https://access.redhat.com/security/cve/cve-2021-40438

As a note - the general guideline for us is that sites should upgrade httpd or httpd24-httpd as RHEL is only updating these packages for bug fixes and security fixes. You can (and should) subscribe to RHEL’s security announcements.

https://listman.redhat.com/mailman/listinfo/rhsa-announce

Topic		Replies	Views
Cve-2021-43527 - nss Announcements	2	713	May 26, 2022
Will httpd24-http service conflict with existing httpd? Get Help	7	560	May 26, 2022
Critical NGINX CVS-2021-23017 patches Feature Requests and Roadmap Discussion	3	493	May 26, 2022
Upgrade Apache in OpenOnDemand in Rocky Linux 8.6 Get Help	2	146	November 28, 2023
Critical NGINX CVE-2021-23017 patch available Announcements	1	456	October 8, 2021

Apache httpd cve-2021-40438

Related Topics