On Wed, Apr 3, 2019 at 10:18 AM LuKreme <[email protected]> wrote: > > On Apr 3, 2019, at 02:05, Hajo Locke <[email protected]> wrote: > > Is apache 2.2 exploitable by CVE-2019-0211 ? > > Description says that first affected version is 2.4.17, but may be 2.2 was > > not analyzed. > > “Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38” seems clear.
Since Apache httpd 2.2 is not supported anymore, it is quite possible that nobody has checked if 2.2 is affected. However, it looks like redhat has checked for their old RHEL releases that ship with 2.2 and they appear to be unaffected: https://access.redhat.com/security/cve/cve-2019-0211 rainer --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
