CentOS httpd installation is vulnerable to ARME exploit, will not update to latest, how would I change my install to the latest Apache?

January 6, 2014 1.5k

It came to my attention lately that my HTTPD installation on a CentOS droplet is vulnerable to the old ARME exploit (Apache remote memory exhaustion) and running `yum update` does not update to the firmware due to a release choice. How would I go about moving my httpd installation (complete with SSL) to a newer Apache version that is not vulnerable to this exploit?

Log In to Comment

2 Answers

kamaln7 MOD January 6, 2014

I'm not that familiar with CentOS but you could try updating the to latest CentOS version and see if that upgrades Apache along with it

Reply

mattbridges January 9, 2014

Or download the apache (and php) source and compile the latest version?

Reply

Have another answer? Share your knowledge.

Share

Share your Question

CentOS httpd installation is vulnerable to ARME exploit, will not update to latest, how would I change my install to the latest Apache?

Leave a Comment

Almost there!

Report a Bug