On Wed, Apr 3, 2019 at 11:06 AM Rainer Canavan <rainer.cana...@sevenval.com> wrote: > > On Wed, Apr 3, 2019 at 10:18 AM LuKreme <krem...@kreme.com> wrote: > > > > On Apr 3, 2019, at 02:05, Hajo Locke <hajo.lo...@gmx.de> wrote: > > > Is apache 2.2 exploitable by CVE-2019-0211 ? > > > Description says that first affected version is 2.4.17, but may be 2.2 > > > was not analyzed. > > > > “Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38” seems clear. > > Since Apache httpd 2.2 is not supported anymore, it is quite possible > that nobody has > checked if 2.2 is affected. However, it looks like redhat has checked > for their old > RHEL releases that ship with 2.2 and they appear to be unaffected: > https://access.redhat.com/security/cve/cve-2019-0211
Indeed, 2.2 is not affected... by this one. Regards, Yann. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
