Ubuntu 14.04 Apache Backports for CVE-2018-17199 & CVE-2016-4975












0















A Trustwave scan of our client's server, shows a Fail on 2 Apache vulnerabilities. CVE-2016-4975 and CVE-2018-17199.



Generally all the vulnerabilities they point out, are remediated by keeping up on the standard Trusty Ubuntu repositories and backport patches. But these two show that they have not been patched yet, and unsure if they will be.



https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4975.html
https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-17199.html



Can someone explain if this is actually a concern, how I can remediate it, or if it requires going outside of the normal Ubuntu repository and upgrading Apache?



Thanks






14.04 apache2 security lts patch







share|improve this question



























    0















    A Trustwave scan of our client's server, shows a Fail on 2 Apache vulnerabilities. CVE-2016-4975 and CVE-2018-17199.



    Generally all the vulnerabilities they point out, are remediated by keeping up on the standard Trusty Ubuntu repositories and backport patches. But these two show that they have not been patched yet, and unsure if they will be.



    https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4975.html
    https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-17199.html



    Can someone explain if this is actually a concern, how I can remediate it, or if it requires going outside of the normal Ubuntu repository and upgrading Apache?



    Thanks






    14.04 apache2 security lts patch







    share|improve this question

























      0












      0








      0








      A Trustwave scan of our client's server, shows a Fail on 2 Apache vulnerabilities. CVE-2016-4975 and CVE-2018-17199.



      Generally all the vulnerabilities they point out, are remediated by keeping up on the standard Trusty Ubuntu repositories and backport patches. But these two show that they have not been patched yet, and unsure if they will be.



      https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4975.html
      https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-17199.html



      Can someone explain if this is actually a concern, how I can remediate it, or if it requires going outside of the normal Ubuntu repository and upgrading Apache?



      Thanks






      14.04 apache2 security lts patch







      share|improve this question














      A Trustwave scan of our client's server, shows a Fail on 2 Apache vulnerabilities. CVE-2016-4975 and CVE-2018-17199.



      Generally all the vulnerabilities they point out, are remediated by keeping up on the standard Trusty Ubuntu repositories and backport patches. But these two show that they have not been patched yet, and unsure if they will be.



      https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-4975.html
      https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-17199.html



      Can someone explain if this is actually a concern, how I can remediate it, or if it requires going outside of the normal Ubuntu repository and upgrading Apache?



      Thanks






      14.04 apache2 security lts patch




      14.04 apache2 security lts patch






      share|improve this question













      share|improve this question











      share|improve this question




      share|improve this question










      asked Mar 18 at 22:38









      blueionRichblueionRich

      11




      11






















          0






          active

          oldest

          votes












          Your Answer








          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "89"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          autoActivateHeartbeat: false,
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














          draft saved

          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1126766%2fubuntu-14-04-apache-backports-for-cve-2018-17199-cve-2016-4975%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown

























          0






          active

          oldest

          votes








          0






          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes
















          draft saved

          draft discarded




















































          Thanks for contributing an answer to Ask Ubuntu!


          • Please be sure to answer the question. Provide details and share your research!

          But avoid



          • Asking for help, clarification, or responding to other answers.

          • Making statements based on opinion; back them up with references or personal experience.


          To learn more, see our tips on writing great answers.




          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1126766%2fubuntu-14-04-apache-backports-for-cve-2018-17199-cve-2016-4975%23new-answer', 'question_page');
          }
          );

          Post as a guest















          Required, but never shown





















































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown

































          Required, but never shown














          Required, but never shown












          Required, but never shown







          Required, but never shown







          -

          Popular posts from this blog

          數位音樂下載

          Image
          數位音樂下載 為非以「實體」方式來販賣音樂的相關產品,而使用數位格式如mp3、AAC等文件格式來進行銷售販賣的一种音乐产业形式。著名的數位音樂下載服務商有iTunes Store、RecoChoku、Google Play音乐和微软Zune等。数字音乐下载在二十一世纪初一度风靡全球, [1] [2] 使得传统唱片产业走向衰落,但其自身也在2010年代流媒体音乐服务如Apple Music、Spotify等的挤压下迅速失去市场份额。 [3] [4] 数字音乐下载有便于携带、传播迅速、制作简单成本低等优点,与流媒体音乐相比也能更好保障音乐人权益; [5] 但它同时很可能带来侵犯版权和滥用的情形, [6] 也给音乐产业带来了诸多不利影响。数字音乐下载为音乐人和乐迷提供了更加便捷直接的交流渠道,也一定程度上推动了网络音乐人的出现和独立音乐的迅速发展。 [7] 目录 1 历史 1.1 技术积淀(1987-2000) 1.2 出现与兴起(2000-2004) 1.3 唱片市场的颠覆者(2004-2007) 1.4 巅峰和衰落(2005-2013) 1.5 摇摇欲坠的现状与不可预知的明天(2014至今) 2 主要文件格式 2.1 PCM编码格式 2.1.1 WAV 2.1.2 APE 2.1.3 FLAC 2.2 苹果推出的无损文件格式 2.2.1 AIFF 2.2.2 ALAC 2.3 有损压缩格式 2.3.1 MP3 2.3.2 AAC 3 主要市场 3.1 iTunes Store 3.2 Google Play音乐商店 3.3 亚马逊音乐商店 3.4 部分其他音乐商店 4 影响与评价 4.1 对音乐产业的影响 4.2 对科技行业的影响 4.3 正面评价 4.4 负面评价 4.4.1 侵权问题 4.4.2 经营模式不明晰 4.4.3 不适应移动时代 4.5 文化现象 5 延伸阅读 6 参考资料 历史 苹果iTunes+iPod的软硬件搭配让数字音
          Read more

          格利澤436b

          Image
          格利泽436b 太陽系外行星 太陽系外行星列表 艺术家笔下的格利泽436b 母恆星 母恆星 Gliese 436 星座 獅子座 赤經 ( α ) 11 h  42 m  11.0941 s [1] 赤緯 ( δ ) +26° 42′ 23.652″ [1] 距離 33.4 ly (10.2 pc) 光譜類型 M2.5 V [1] 軌道參數 半长轴 ( a ) 0.0291±0.0004 [2] AU 軌道離心率 ( e ) 0.150±0.012 [2] 公轉週期 ( P ) 2.643904±0.000005 [3] d (0.00723849 y) 軌道傾角 ( i ) 85.8 +0.21 −0.25 [3] ° 角距 ( θ ) 2.794 mas 近星點時間 ( T 0 ) 2,451,551.716 ±0.01 JD 半振幅 ( K ) 18.68±0.8 m/s 物理性质 质量 ( m ) 22.2±1.0 [2] M ⊕ 半徑 ( r ) 4.327±0.183 [2] [4] R ⊕ 密度 ( ρ ) 1.51 g cm -3 表面重力 ( g ) 1.18 g 溫度 ( T ) 712±36 [2] K 發現 發現時間 2004 發現者 巴特勒、沃格特、 馬西 et al. 發現方法 徑向速度、凌日法 發現地點 美國加利福尼亞州 發表論文 出版 其他名稱 Ross 905 b, GJ 436 b, [5] LTT 13213 b, GCTP 2704.10 b, LHS 310, AC+27:28217 b, Vyssotsky 616 b, HIP 57087 b, GEN# +9.80120068 b, LP 319-75 b, G 121-7 b, LSPM J1142+2642 b, 1RXS J114211.9+264328 b, ASCC 683818 b, G 147-68 b, UCAC2 41198281 b, BP
          Read more

          When can things happen in Etherscan, such as the picture below?

          Image
          2 I don't know why balance of the address is 0. when can this situation? etherscan balances share | improve this question asked yesterday Ru Hi Ru Hi 11 1 New contributor Ru Hi is a new contributor to this site. Take care in asking for clarification, commenting, and answering. Check out our Code of Conduct. add a comment  | 
          Read more