14.3 RU4 has an eta of January right now. It will have an updated version of Apache. It won't be 2.4.49 due to
Apache HTTP Server 2.4 vulnerabilities - The Apache HTTP Server Project. Likely will be 2.4.51 or later.
------------------------------
John Owens
Strategic Support Engineer | Symantec Endpoint Security Division (SES)
Broadcom Software
------------------------------
Original Message:
Sent: 11-03-2021 08:26 AM
From: Benjamin John
Subject: Apache Web Server 2.4.48
Any update on a version that will update Apache to 2.4.49 or later?
Original Message:
Sent: 10-06-2021 02:39 AM
From: Andreas Brogren
Subject: Apache Web Server 2.4.48
I guess 2.4.49 will be replaced with 2.4.50?
https://httpd.apache.org/security/vulnerabilities_24.html
Original Message:
Sent: 10-05-2021 02:13 PM
From: John Owens
Subject: Apache Web Server 2.4.48
Hi David,
Vulnerability Scanners only look at what version of Apache is deployed not if the impacted modules are active or used. 14.3 RU4 will update Apache to 2.4.49 and has an eta of January right now.
------------------------------
John Owens
Strategic Support Engineer | Symantec Endpoint Security Division (SES)
Broadcom Software
Original Message:
Sent: 10-05-2021 02:09 PM
From: David Fielden
Subject: Apache Web Server 2.4.48
Since this update our vulnerability scanner is now saying it needs to be updated to 2.4.49. Is this update planned anytime soon?
Original Message:
Sent: 10-01-2021 01:23 PM
From: Robert Coonrad
Subject: Apache Web Server 2.4.48
Apache was updated to 2.4.48.694 in SEP 14.3 RU3 release.
Original Message:
Sent: 09-02-2021 04:21 PM
From: Robert Trimble
Subject: Apache Web Server 2.4.48
Hello,
Can you share when SEPM will use Apache Web Server 2.4.48? There are concerns over the existing vulns that 14.3 RU2 SEPM is using (apache version 2.4.43)
Thank You
Rob Trimble
TechData Support Services