I know we use apache, but I was wondering if the CVE-2017-5638 struts bug has been patched yet? Ive been hit with a couple attacks using that vulnerability and I know thats how equifax was breached, I was wondering if apache is up to date.
Also, is there a way to split updates into “Security” and “Base” updates so that sysadmins can log when specific security patches are deployed?
Not affected by the bug according to this:
For security updates check: