Hi,
I am currently using Debian Apache version on my Debian server, but when I perform a scan, I am alerted to several vulnerabilities. Specifically, the Apache version 2.4.x is vulnerable to multiple CVEs, including 2023-31122, 2023-43622, and 2023-45802.
I have a couple of questions: When will Debian release Apache version 2.4.58, which resolves these vulnerabilities? Also, where can I find a link to this release and its release date? Finally, is there any way for me to fix these vulnerabilities in the meantime?
apt policy apache2
apache2:
Installed: 2.4.56-1~deb11u2
Candidate: 2.4.56-1~deb11u2
Version table:
*** 2.4.56-1~deb11u2 500
500
http://ftp.de.debian.org/debian bullseye/main amd64 Packages
100 /var/lib/dpkg/status
root@vcloudproxy-02:~# lsb_release -a
No LSB modules are available.
Distributor ID: Debian
Description: Debian GNU/Linux 11 (bullseye)
Release: 11
Codename: bullseye
Thanks
Ali