Lockbits 11 Posted November 21, 2018 Posted November 21, 2018 Hello guys, We've a customer that is using ERA 6.5 and we want to upgrade it to ESMC 7 using the built in task. We know that the upgrade procedure doesn't update the Apache components and the customer is asking us to upgrade Apache HTTP Proxy to version 2.4.35 or higher. I saw that ESMC installs by default version 2.4.33. Is version 2.4.35 compatible with ESMC? The procedure is the same for version 2.4.33? (https://help.eset.com/esmc_install/70/en-US/upgrading_apache_tomcat_windows.html?upgrade_apache_http_proxy_windows_instructions_manual.html). Thank you.
CBT 0 Posted December 11, 2018 Posted December 11, 2018 I need to patch our ESMC to version 2.4.35 due to some vulnerabilities. Support has only provided me 2.4.33. Do we have an ETA otherwise when 2.4.35 will be released?
Administrators Marcos 5,468 Posted December 11, 2018 Administrators Posted December 11, 2018 To my best knowledge, the vulnerabilities in recent versions of Apache HTTP Proxy do not concern ESET's implementation of the proxy since the vulnerable features, such as HTTP/2 support are not enabled. If there was a known vulnerability, we would issue an urgent hotfix. If you are concerned of a specific vulnerability, let us know and we can inquire developers about it.
Recommended Posts