Apache vulnerability - CVE-2021-40438

DiouxX / docker-glpi

Project to deploy GLPI with docker

222 stars 185 forks source link

Apache vulnerability - CVE-2021-40438 #44

Closed nvergottini closed 2 years ago

nvergottini commented 2 years ago

Our security team has identified that our GLPI server using the diouxx/glpi image has the vulnerability identified in CVE-2021-40438. This has been fixed in the latest version of Apache in Debian Buster. Will you be pushing a new image with updated packages in the near future?

DiouxX commented 2 years ago

Hello,

Thank you for bringing this vulnerability to my attention. I updated the version of the diouxx/glpi image by upgrading the debian version and the last apache version.

The apache version is 2.4.51 and should be protected against the CVE-2021-40438

Thanks again for your intervention and your participation !

nvergottini commented 2 years ago

Thanks. I appreciate the response.