I know we use apache, but I was wondering if the CVE-2017-5638 struts bug has been patched yet? Ive been hit with a couple attacks using that vulnerability and I know thats how equifax was breached, I was wondering if apache is up to date.
Also, is there a way to split updates into "Security" and "Base" updates so that sysadmins can log when specific security patches are deployed?
Not affected by the bug according to this:https://access.redhat.com/security/cve/CVE-2017-5638
For security updates check:https://wiki.nethserver.org/doku.php?id=yum-cron