Security Update: Horizon:xena #308

msherman64 · 2024-10-07T19:13:36Z

msherman64
Oct 7, 2024
Maintainer

For all sites running the Xena release of chi-in-a-box, please pull and deploy our newest horizon container to get an updated apache version. This addresses https://ubuntu.com/security/CVE-2024-38476.

Specifically, run the following:

./cc-ansible pull --tags horizon
./cc-ansible deploy --tags horizon

to verify, run the following:
docker exec -it horizon dpkg -l | grep apache2

It should now return:

ii  apache2                        2.4.41-4ubuntu3.21                amd64
ii  apache2-bin                    2.4.41-4ubuntu3.21                amd64
ii  apache2-data                   2.4.41-4ubuntu3.21                all
ii  apache2-utils                  2.4.41-4ubuntu3.21                amd64

Since apache2 versions >= 2.4.41-4ubuntu3.19 have the fix on 20.04, the CVE is mitigated.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Security Update: Horizon:xena #308

{{title}}

Replies: 0 comments

Select a reply

Security Update: Horizon:xena #308

msherman64 Oct 7, 2024 Maintainer

Replies: 0 comments

msherman64
Oct 7, 2024
Maintainer