Apache Server 2019 Update 1.2.0 fixes CVE-2018-7269
Updated November 14, 2019 08:06:51Updated November 14/2018 07:03:43Apache Server 2019 includes several security updates.
The most significant of which is a security update to address CVE-2017-1557, which affects the Apache HTTP Server.
Apache has already been updating its customers with this security update, but this update is the first time it has been issued for its customers as well.
Apastor, which has been the main Apache server vendor for over 10 years, said it was working with Microsoft and Oracle to distribute the update, which is available in the following languages:English, German, French, Italian, Spanish, Portuguese, Chinese, Russian, Simplified Chinese, Traditional Chinese, and Russian.
Apace is also releasing a Windows Server 2019 update, that addresses CVE-2016-5228, which impacts the Java Runtime Environment (JRE).
Apace said it plans to release the Windows Server 2016 and Windows Server 2020 updates.
In a blog post, Apace said the following:Apache is aware of an issue that could allow a remote attacker to bypass security policies and obtain information from an Apache server.
The affected Apache versions are Apache,Apache2,Apac,Apcera,Apce2,Chariot,Citrix,Apodem,Clam,Conexant,Dell,Fedora,Firefox,Google,Hewlett-Packard,Ivy Bridge,Oracle,Oracle Enterprise,Penguin,Red Hat,Secunia,Symantec,VMWare,Waymo,Weebly and x64 servers.
If you or anyone you know is affected by the issue, you can report it to the Apache Security Response Center, which can be found here: https://security.apache.org/contact.aspxThe Apache security team has also released additional information about CVE-2020, including links to further details about the bug and the advisory.
You can read the full list of security updates here: https://security-update.apache .org/update/ApacheServer2019.txt