Mailing List ecs-isp@2rosenthals.com gearchiveerd bericht #375

Van: "Steven Levine" <ecs-isp@2rosenthals.com> Volledige berichtkoppen
Ongedecodeerd bericht
Onderwerp: Re: [eCS-ISP] Apache update needed new CVE's reported.
Datum: Tue, 28 Dec 2021 23:01:20 -0800
Aan: "eCS ISP Mailing List" <ecs-isp@2rosenthals.com>

In <list-2902019@2rosenthals.com>, on 12/29/21
   at 03:18 PM, "Paul Smedley" <ecs-isp@2rosenthals.com> said:

Hiya,

>Yep - I only really bothered updating the code to avoid any confusion
>over the 'downloading large files' bug and which date httpd.dll was in
>use.

One item in the 2.4.52 changelog that did catch my interest was the mod_md
updates.  Automated Let's Encrypt certificate updates might be useful.

>Absolutely! The only thing I have here using log4j is Openhab and that
>has already been patched, plus it isn't directly accessible to the
>internet anyway.

As I mentioned elsewhere, what I found most interesting about the Log4J
vulnerability is that it was not discovered and exploited sooner.
Apparently it has existed since 2013.

Steven

--
----------------------------------------------------------------------
"Steven Levine" <steve53@earthlink.net>  Warp/DIY/BlueLion etc.
www.scoug.com www.arcanoae.com www.warpcave.com
----------------------------------------------------------------------


Aanmelden: Feed, Samenvatting, Index.
Afmelden
Mail naar ListMaster