surroundings:
- Ubuntu 16
- Apache/2.4.18 (Ubuntu)
One day began, cloud service providers on cloud security e-mail once a week, vulnerability is Apache HTTP Server Elevation of Privilege Vulnerability (CVE-2019-0211)
Reference https://httpd.apache.org/security/vulnerabilities_24.html
Software installed with apt source
If you look from the official document, is to be installed from source, but the original version is installed through apt, so far, ubuntu system comes with source and source cloud service providers have not updated
here by adding a third-party source mode ppa: ondrej / apache2
Apache 2.4 or higher increase request control arrangement needs to be increased in the Require All granted , an access exception to avoid updated. This configuration may be used in a low version
Note that older versions of apache
<Directory
...
Require all granted
...
</Directory>
cp -rf /etc/apache2/sites-available/ /tmp/apache2-available
cp -rf /etc/apache2/sites-enabled/ /tmp/apache2-enabled
ls -al /etc/apache2/sites-enabled/
apache2 -version
add-apt-repository ppa:ondrej/apache2
apt update && apt list --upgradable
apt-get install --only-upgrade apache2
apache2 -version
ls -al /etc/apache2/sites-enabled/
The first step is to configure the backup cp -rf prevent configuration is lost after the update.
The above command to complete the apache version upgrade, pay attention to the middle Enter to confirm or configured to cover
treatment based on individual differences, the general covering remind indicating the presence of personalized configuration changes, you need to confirm personalized configuration also take effect in the updated version