Lockbits 10 Posted November 21, 2018 Share Posted November 21, 2018 Hello guys, We've a customer that is using ERA 6.5 and we want to upgrade it to ESMC 7 using the built in task. We know that the upgrade procedure doesn't update the Apache components and the customer is asking us to upgrade Apache HTTP Proxy to version 2.4.35 or higher. I saw that ESMC installs by default version 2.4.33. Is version 2.4.35 compatible with ESMC? The procedure is the same for version 2.4.33? (https://help.eset.com/esmc_install/70/en-US/upgrading_apache_tomcat_windows.html?upgrade_apache_http_proxy_windows_instructions_manual.html). Thank you. Link to comment Share on other sites More sharing options...
CBT 0 Posted December 11, 2018 Share Posted December 11, 2018 I need to patch our ESMC to version 2.4.35 due to some vulnerabilities. Support has only provided me 2.4.33. Do we have an ETA otherwise when 2.4.35 will be released? Link to comment Share on other sites More sharing options...
Administrators Marcos 4,712 Posted December 11, 2018 Administrators Share Posted December 11, 2018 To my best knowledge, the vulnerabilities in recent versions of Apache HTTP Proxy do not concern ESET's implementation of the proxy since the vulnerable features, such as HTTP/2 support are not enabled. If there was a known vulnerability, we would issue an urgent hotfix. If you are concerned of a specific vulnerability, let us know and we can inquire developers about it. Link to comment Share on other sites More sharing options...
Recommended Posts