Apache security patch

I know we use apache, but I was wondering if the CVE-2017-5638 struts bug has been patched yet? Ive been hit with a couple attacks using that vulnerability and I know thats how equifax was breached, I was wondering if apache is up to date.

Also, is there a way to split updates into “Security” and “Base” updates so that sysadmins can log when specific security patches are deployed?

Not affected by the bug according to this:
https://access.redhat.com/security/cve/CVE-2017-5638

4 Likes

For security updates check:
https://wiki.nethserver.org/doku.php?id=yum-cron

4 Likes