Article - CS422246
Update Apache to version 2.4.61 of Windchill
Modified: 16-Jan-2025
Applies To
- Windchill PDMLink 11.1 M020 to 13.0
Description
- Update Apache to version 2.4.61 of Windchill
- IT security team demands update of Apache to version 2.4.61
- Security vulnerabilities in Apache 2.4.59
- important: Apache HTTP Server: source code disclosure with handlers configured via AddType (CVE-2024-39884)
- low: Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2 (CVE-2024-36387)
- important: Apache HTTP Server on WIndows UNC SSRF (CVE-2024-38472)
- moderate: Apache HTTP Server proxy encoding problem (CVE-2024-38473)
- important: Apache HTTP Server weakness with encoded question marks in backreferences (CVE-2024-38474)
- important: Apache HTTP Server weakness in mod_rewrite when first segment of substitution matches filesystem path. (CVE-2024-38475)
- important: Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect (CVE-2024-38476)
- important: Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request (CVE-2024-38477)
- moderate: Apache HTTP Server: mod_rewrite proxy handler substitution (CVE-2024-39573)
This is a printer-friendly version of Article 422246 and may be out of date. For the latest version click CS422246