httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Yehuda Katz <yeh...@ymkatz.net>
Subject Re: [users@httpd] HOW TO APPLY TOMCAT UPGRADE
Date Wed, 10 Jun 2015 05:34:27 GMT
On Tue, Jun 9, 2015 at 2:45 PM, Salami Kehinde Rasheed <
kennysalaam@gmail.com> wrote:

> I need step-by-step to make apache-httpd-upgrade-2_2_29, what to download
> and how to apply this on production environment(Window Server 2008 and
> 2012R2)
>
> I want to close *Apache HTTPD: mod_status buffer overflow (CVE-2014-0226)*
> vulnerability,
> I want to close *Apache HTTPD: insecure LD_LIBRARY_PATH handling
> (CVE-2012-0883)* Vulnerability
>
> I got advice to upgrade to 2.2.29 of httpd and I am running on window
> server machine... Kindly assist on how I can handle this without
> causing disruption on this operation.
>

This depends greatly on where your current distribution of HTTPD is from.
Did you build it yourself or did you download binaries from a website and
if so, which site?

How is HTTPD set up on your current system? Does it run as a service? What
is the path to the executables and libraries?
Are you using any non-standard modules?

You should obtain the new version from the same place you obtained the old
version from.
I would make a backup copy of the entire HTTPD directory and then just
overwrite all the files except the configuration with the new files you
downloaded.

That is probably as detailed as you can get without more information about
your current environment.

- Y

Mime
View raw message