On Wed, Apr 3, 2019 at 10:18 AM LuKreme <krem...@kreme.com> wrote: > > On Apr 3, 2019, at 02:05, Hajo Locke <hajo.lo...@gmx.de> wrote: > > Is apache 2.2 exploitable by CVE-2019-0211 ? > > Description says that first affected version is 2.4.17, but may be 2.2 was > > not analyzed. > > “Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38” seems clear.
Since Apache httpd 2.2 is not supported anymore, it is quite possible that nobody has checked if 2.2 is affected. However, it looks like redhat has checked for their old RHEL releases that ship with 2.2 and they appear to be unaffected: https://access.redhat.com/security/cve/cve-2019-0211 rainer --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
