Apache2 - 2.4.62

Jerry Geis jerry.geis at gmail.com
Tue Apr 29 00:27:55 UTC 2025 

On Mon, Apr 28, 2025 at 5:24 PM Robert Heller <heller at deepsoft.com> wrote:

>
>
> At Mon, 28 Apr 2025 16:30:16 -0400 "Ubuntu user technical support,? not
> for general discussions" <ubuntu-users at lists.ubuntu.com> wrote:
>
> >
> > On Mon, Apr 28, 2025 at 4:14 PM Colin Law <clanlaw at gmail.com>
> wrote:
> >
> > > On Mon, 28 Apr 2025 at 19:04, Jerry Geis <jerry.geis at gmail.com> wrote:
> > >
> > >>
> > >> Curious - Why the updated apache would not be in the normal "update"
> > >> process. Especially since there is a CVE for it.
> > >> Why would I have to load a different repo ?
> > >>
> > >
> > >
> > > Which CVE is that?  If it is serious then I would expect it to be
> patched
> > > in the official Ubuntu release.
> > >
> > > Colin L.
> > >
> > > --
> > > ubuntu-users mailing list
> > > ubuntu-users at lists.ubuntu.com
> > > Modify settings or unsubscribe at:
> > > https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
> >
> >
> > one of them was CVE-2024-36387
> > The website (https://ubuntu.com/security/CVE-2024-36387)  says fixed -
> but
> > the scan was flagging it as an issue.
> >
> > When I did "apache2 --version" this did not show 2.4.58-1ubuntu8.2 (which
> > is there version saying it was fixed in)
> > only 2.4.58
>
> "apache2 --version" is not likely to show the Ubuntu package version.
>
> What does:
>
> dpkg-query -l apache2
>
> show?
>
> >
> > Jerry
> >
>
> --
> Robert Heller             -- Cell: 413-658-7953 GV: 978-633-5364
> Deepwoods Software        -- Custom Software Services
> http://www.deepsoft.com/  -- Linux Administration Services
> heller at deepsoft.com       -- Webhosting Services
>
>
> --
> ubuntu-users mailing list
> ubuntu-users at lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-users



Server version: Apache/2.4.58 (Ubuntu)

Server built:   2025-04-03T14:36:49

root at lsi008a:~# dpkg-query -l apache2

Desired=Unknown/Install/Remove/Purge/Hold

|
Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend

|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)

||/ Name           Version           Architecture Description

+++-==============-=================-============-=================================
ii  apache2        2.4.58-1ubuntu8.6 amd64        Apache HTTP Server


So does the "scan" tool not know the actual version ?

Jerry
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20250428/04ba2030/attachment-0001.html>

More information about the ubuntu-users mailing list