asemon / Feature Requests / #21 Update PHP/Apache

#21 Update PHP/Apache - CVE identified

Milestone: Next_Release_(example)

Status: open

Owner: Jean-Paul Martin

Labels: None

Priority: 1

Updated: 2019-04-18

Created: 2019-04-17

Creator: Laurent Parodi

Private: No

Hello JP,

FYI, two CVEs are reported with the current versions of Apache and PHP:
CVE-2017-9798 for apache
CVE-2018-19518 for PHP

I tried to explain that we're not at risk as imap / rsh is not enabled on windows (!) and the limit directive is not used in htaccess .... no possible discussion there.
When you have a chance, it could be wise to update both apache and PHP to the up-to-date versions. To my knowledge, latest PHP version is 5.6.40, didn't check apache.

Following versions are reported by phpinfo:
Apache/2.4.23 (Win32) PHP/5.6.25

Thanks !

Discussion

Jean-Paul Martin - 2019-04-18

Ok Laurent, I 'll do that soon
Jpm

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Anonymous
  
  Add attachments
  Cancel
  You seem to have CSS turned off. Please don't fill out this field.
  
  You seem to have CSS turned off. Please don't fill out this field.

Anonymous

Update PHP/Apache - CVE identified

Group

Searches

Help

#21 Update PHP/Apache - CVE identified

Discussion