Open Source Development

Power Open Source Development

Explore the open source tools and capabilities for building and deploying modern applications on IBM Power platforms including AIX, IBM i, and Linux.


#Power


#Power

 View Only
Back to discussions
Expand all | Collapse all

Please update httpd > httpd-2.4.54

  • 1.  Please update httpd > httpd-2.4.54

    Posted Tue June 14, 2022 03:03 PM

    Please update httpd to a version greater than 2.4.53.  The vulnerability management platform Tenable is reporting multiple advisories:


    The version of Apache httpd installed on the remote host is prior to 2.4.54. It is, therefore, affected by multiple vulnerabilities as referenced in the 2.4.54 advisory.

    - mod_proxy_ajp: Possible request smugglingInconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') vulnerability in mod_proxy_ajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions. Acknowledgements: Ricter Z @ 360 Noah Lab (CVE-2022-26377)

    - read beyond bounds in mod_isapiApache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the mod_isapi module. Acknowledgements: The Apache HTTP Server project would like to thank Ronald Crane (Zippenhop LLC) for reporting this issue (CVE-2022-28330)

    - read beyond bounds via ap_rwrite() The ap_rwrite() function in Apache HTTP Server 2.4.53 and earlier may read unintended memory if an attacker can cause the server to reflect very large input using ap_rwrite() or ap_rputs(), such as with mod_luas r:puts() function. Acknowledgements: The Apache HTTP Server project would like to thank Ronald Crane (Zippenhop LLC) for reporting this issue (CVE-2022-28614)

    - Read beyond bounds in ap_strcmp_match()Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in ap_strcmp_match() when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use ap_strcmp_match() may hypothetically be affected. Acknowledgements: The Apache HTTP Server project would like to thank Ronald Crane (Zippenhop LLC) for reporting this issue (CVE-2022-28615)

    - Denial of service in mod_lua r:parsebodyIn Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody(0) may cause a denial of service due to no default limit on possible input size. Acknowledgements: The Apache HTTP Server project would like to thank Ronald Crane (Zippenhop LLC) for reporting this issue (CVE-2022-29404)

    - mod_sed denial of serviceIf Apache HTTP Server 2.4.53 is configured to do transformations with mod_sed in contexts where the input to mod_sed may be very large, mod_sed may make excessively large memory allocations and trigger an abort. Acknowledgements: This issue was found by Brian Moussalli from the JFrog Security Research team (CVE-2022-30522)

    - Information Disclosure in mod_lua with websocketsApache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread() that point past the end of the storage allocated for the buffer. Acknowledgements: The Apache HTTP Server project would like to thank Ronald Crane (Zippenhop LLC) for reporting this issue (CVE-2022-30556)

    - mod_proxy X-Forwarded-For dropped by hop-by-hop mechanismApache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application. Acknowledgements: The Apache HTTP Server project would like to thank Gaetan Ferry (Synacktiv) for reporting this issue (CVE-2022-31813)

    An update to httpd would be appreciated.
    Thank you,



    ------------------------------
    Lisa Isaly
    ------------------------------

    #AIXOpenSource


  • 2.  RE: Please update httpd > httpd-2.4.54

    Posted Wed June 15, 2022 11:01 AM
    Hi Lisa,
    Thank you for reporting the security vulnerabilities. 
    These are recent CVEs and we are tracking them. We will publish fixed version of httpd with fix of these CVEs.

    ------------------------------
    SANKET RATHI
    ------------------------------



  • 3.  RE: Please update httpd > httpd-2.4.54

    Posted Wed June 15, 2022 01:36 PM

    Thanks as we too are looking for the 2.4.54 Apache HTTPD udpates

    Also, we are getting the below banner from Tenable :

    Banner : Apache/2.4.53 (Unix) OpenSSL/1.0.2u
    Reported version : 1.0.2u
    Fixed version : 1.0.2ze

    Can the httpd version be compiled with mod_ssl to use the version 1.0.2ze rather than 1.0.2u ?

    Thank you,
    Scott Gruber



    ------------------------------
    Scott Gruber
    ------------------------------

    Original Message


  • 4.  RE: Please update httpd > httpd-2.4.54

    Posted Wed June 22, 2022 10:47 AM
    Thank you Sanket.  Originally Tenable had categorized these as a High, but this shows now as a Critical vulnerability.  We would certainly appreciate your efforts if this does not go beyond 30 days open.

    ------------------------------
    Lisa Isaly
    ------------------------------

    Original Message


  • 5.  RE: Please update httpd > httpd-2.4.54

    Posted Mon July 11, 2022 09:15 AM
    GM Sanket,

    So Tenable is no showing OpenSSL 1.0.2ze is vulnerable - can we have httpd 2.4.54 compiled with OpenSSL 1.0.2zf ?

    Thanks



    ------------------------------
    Scott Gruber
    ------------------------------

    Original Message


  • 6.  RE: Please update httpd > httpd-2.4.54

    Posted Wed July 20, 2022 12:33 PM
    Sanket,

    I see the httpd-2.4.54 with it's mod_ssl. I've installed it and looks good - thanks for that. However I see the below :

     Server version:  Apache/2.4.54 (Unix)
     Server built:    Jul  5 2022 02:53:31

     lib/mod_ssl-2.4.54-1.ppc   32bit : OpenSSL 1.0.2t  10 Sep 2019
     lib64/mod_ssl-2.4.54-1.ppc 64bit : OpenSSL 1.0.2t  10 Sep 2019

    curl : Apache reports for HTTP   : Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2u
    curl : Apache reports for HTTPS  : Server: Apache/2.4.54 (Unix) OpenSSL/1.0.2u


    AIX Servers OpenSSL is :  OpenSSL 1.1.1l  24 Aug 2021



    How come curl reports OpenSSL 1.0.2u when the mod_ssl is 1.0.2t ?

    Thanks

    ------------------------------
    Scott Gruber
    ------------------------------

    Original Message


  • 7.  RE: Please update httpd > httpd-2.4.54

    Posted Thu July 21, 2022 10:19 AM

    AIX Toolbox packages are dynamically linked with openssl libraries ( right now with 1.0.2.so but gradually it will be linked with 1.1.so) 
    So it's the runtime environment that decides which openssl library is used by the packages.
    So as long as the recent openssl 1.0.2* is installed in the machine, it is fine. 



    ------------------------------
    Ayappan P
    ------------------------------

    Original Message


  • 8.  RE: Please update httpd > httpd-2.4.54

    Posted Thu July 21, 2022 02:36 PM
    Thanks for the info.

    Is there anything I can do to force the link to version 1.1.so ?

    ------------------------------
    Scott Gruber
    ------------------------------

    Original Message


  • 9.  RE: Please update httpd > httpd-2.4.54

    Posted Thu July 21, 2022 02:46 PM
    Edited by Scott Gruber Thu July 21, 2022 02:48 PM
    would renaming libssl.so.1.0.2, then copy libssl.so.1.1 out of library, rename it to libssl.so.1.0.2 and then add into the library work ?

    # ar -vt /usr/lib/libssl.a

    rwxr-xr-x     0/0     728674 Apr 19 10:49 2022 libssl.so
    rwxr-xr-x     0/0     510766 Apr 19 10:49 2022 libssl.so.0.9.8
    rwxr-xr-x     0/0     728674 Apr 19 10:49 2022 libssl.so.1.0.0
    rwxr-xr-x     0/0     728674 Apr 19 10:49 2022 libssl.so.1.0.2
    rwxr-xr-x     0/0     1030403 Apr 18 16:06 2022 libssl.so.1.1




    ------------------------------
    Scott Gruber
    ------------------------------

    Original Message


  • 10.  RE: Please update httpd > httpd-2.4.54

    Posted Fri September 09, 2022 10:40 AM
    Hi Scott, 

    If you are looking 1.0.2zf version of openssl for httpd then just install it on your system and httpd will use it as it is dynamically linked.
    We are working on compiling httpd with openssl 1.1.1 and soon that will also be available.
    Here is some info regrading openssl 1.0.2zf version 

    IBM has already provided openssl 1.0.2 fixed version (zf).

    The current AIX openssl version 1.0.2.2104 is the fileset which contains all vulnerability fixes including 1.0.2ze.

    It is available in web download pack.

    It is mentioned in the fileset's readme - "  OpenSSL 1.0.2.2104 addresses all vulnerabilities reported until openssl 1.0.2ze version…

     

    Along with this IBM has recently patched a vulnerability fixed in latest community release - 1.0.2zf

    The advisory for the same is : https://aix.software.ibm.com/aix/efixes/security/openssl_advisory36.asc

     

    So the current AIX web download openssl version is 1.0.2ze but there is an ifix available to move to zf. The ifix location is mentioned in the above advisory.

     

    By default AIX openssl does not show the patch version. So if you run "openssl version" command then it will return 1.0.2u release.

    But it does not display patch version information.

    To display patch version information /var/ssl/ssl_version.cnf needs to be created/modified to add following line

    (If the /var/ssl/ssl_version.cnf is not present on system then create it)

     

    DISPLAY_PATCH_VERSION = yes

     

    Above information is also mentioned in readme of openssl fileset.

     

    I tried on my system. After installing latest openssl 1.0.2.2104 from webdownload and adding /var/ssl/ssl_version.cnf

     

    # openssl version

    OpenSSL 1.0.2ze  3 May 2022

     

    After applying ifix

     

    # openssl version

    OpenSSL 1.0.2zf  21 Jun 2022

     

    As httpd or any other AIX toolbox application links to openssl dynamically hence it will use the latest installed openssl only.

    This should fix your security scan problem.

     

    Kindly let me know if you need any other information.

     



    ------------------------------
    SANKET RATHI
    ------------------------------

    Original Message


  • 11.  RE: Please update httpd > httpd-2.4.54

    Posted Wed August 24, 2022 03:43 PM
    I appreciate the helpful info.

    On the front lines though my organization has been looking at this for a long time and is getting high on the list of vulnerabilities they want to eliminate, although we have it under exception for now. 

    I do see http-2.4.53 and above can utilize openssl 1.1.1, which we have installed and would quiesce our security department and patch the holes.

    Is linking Apache 2.4.54 to this version of SSL on the roadmap ? If so would the community be able to provide an ETA ?

    Thanks once again,

    ------------------------------
    Scott Gruber
    ------------------------------

    Original Message


  • 12.  RE: Please update httpd > httpd-2.4.54

    Posted Thu September 01, 2022 11:14 AM
    Edited by SANKET RATHI Thu September 01, 2022 11:17 AM
    Hi Scott,

    Sorry for delay, yes it is on roadmap, eventually we will link/compile all the packages to openssl 1.1.1
    As and when we will update packages to newer version we will link it to openssl 1.1.1
    Right now I do not have timeline but probably by 1Q2023

    ------------------------------
    SANKET RATHI
    ------------------------------

    Original Message


  • 13.  RE: Please update httpd > httpd-2.4.54

    Posted Wed October 12, 2022 03:32 PM
    Sanket

    Please refresh http and link it to the up-to-date openssl libraries ASAP, i.e. by the end of October 2022. 

    When do you expect your open source team to pick up the ball, so that IBM customers won't have to beg for updates in a public forum?  The constant falling behind the curve with RPMs has been going on for years.  We have escalated the issue to IBM executives and Distinguished Engineers such as

    Carl Burnett without success.   

    IBM please either do this properly or discontinue the linux rpm support in AIX completely, so we can cut the losses and switch to a different OS and platform.




    ------------------------------
    Vasiliy Gokoyev
    ------------------------------

    Original Message


  • 14.  RE: Please update httpd > httpd-2.4.54

    Posted Thu October 13, 2022 04:05 AM
    Hi Vasiliy,

    We have already update our environment and started delivering packages built with openssl 1.1.1
    All the new updates are built with openssl 1.1.1 we are also working on httpd.
    httpd is built with openssl 1.1.1 but it can not be published because all of its dependencies also need to be rebuilt with openssl 1.1.1
    We are seeing issues when a dependent package is using older openssl and main package is using new openssl. 
    As discussed in another thread we have prioritised this work and have already built following packages with openssl 1.1.1 

    clamav-0.104.2-3.ppc
    nginx-1.21.4-2.ppc
    mariadb-3:10.4.26-1.ppc
    php-7.4.30-1.ppc
    nagios-4.4.7-1.ppc

    We are working on remaining packages and will publish them as well. 
    httpd we will take on higher priority and will build its dependencies also with openssl 1.1.1 and try to publish by end of this month. 


    ------------------------------
    SANKET RATHI
    ------------------------------

    Original Message


  • 15.  RE: Please update httpd > httpd-2.4.54

    Posted Thu October 20, 2022 03:28 AM
    httpd is now built against openssl 1.1.1 and available in AIX Toolbox (httpd 2.4.54-2).

    ------------------------------
    Ayappan P
    ------------------------------

    Original Message


  • 16.  RE: Please update httpd > httpd-2.4.54

    Posted Thu October 20, 2022 01:02 PM
    Edited by Vasiliy Gokoyev Thu October 20, 2022 01:02 PM
    thanks you, however mod_ssl core dumps with the IBM supplied openssl 1.1.1q

    can you please check?

    with
    httpd-2.4.54-2.ppc
    mod_ssl-2.4.54-2.ppc

    openssl.base            1.1.2.1202



    httpd_64: Syntax error on line 154 of /opt/freeware/conf/httpd.conf: Cannot load /opt/freeware/lib64/httpd/modules/mod_ssl.so into server:      0509-130 Symbol resolution failed for /op
    t/freeware/lib64/httpd/modules/mod_ssl.so because:0509-136   Symbol SSL_CTX_set_srp_username_callback (number 114) is not exported from    dependent module /usr/lib/libssl.a[libssl.so.1
    .1].
            0509-136   Symbol SSL_CTX_set_srp_cb_arg (number 115) is not exported from
                       dependent module /usr/lib/libssl.a[libssl.so.1.1].
            0509-136   Symbol SSL_set_srp_server_param (number 116) is not exported from
                       dependent module /usr/lib/libssl.a[libssl.so.1.1].
            0509-136   Symbol SSL_get_srp_username (number 117) is not exported from
                       dependent module /usr/lib/libssl.a[libssl.so.1.1].
            0509-136   Symbol SSL_get_srp_userinfo (number 118) is not exported from
                       dependent module /usr/lib/libssl.a[libssl.so.1.1].
            0509-136   Symbol SRP_user_pwd_free (number 310) is not exported from
                       dependent module /usr/lib/libcrypto.a[libcrypto.so.1.1].
            0509-021 Additional errors occurred but are not reported.
            0509-192 Examine .loader section symbols with the
                     'dump -Tv' command.



    ------------------------------
    Vasiliy Gokoyev
    ------------------------------

    Original Message


  • 17.  RE: Please update httpd > httpd-2.4.54

    Posted Thu October 20, 2022 01:45 PM
    Ah I have :




    openssl.base

    1.1.2.1201 COMMIT COMPLETE 08/24/22 10:45:05



    Will install 1202 and retry - thanks

    Scott Gruber | Senior IT Systems Engineer | PowerVM Team

    scott.gruber@bcbsfl.com<mailto:scott.gruber@bcbsfl.com> | 904.335.1217
    [Text Description automatically generated]


    Original Message


  • 18.  RE: Please update httpd > httpd-2.4.54

    Posted Fri October 21, 2022 07:33 AM
    We have built this httpd against openssl 1.1.1.XXXX (all ciphers support). The symbols reported here in the error are not part of the libssl library of openssl 1.1.2.XXXX ( no weak ciphers). We will be releasing a fixed version httpd-2.4.54-3 today.

    ------------------------------
    Ayappan P
    ------------------------------

    Original Message


  • 19.  RE: Please update httpd > httpd-2.4.54

    Posted Thu November 17, 2022 10:40 AM

    Unfortunately, the vulnerability management platform Tenable is still reporting multiple advisories.  The version of Apache httpd installed on the remote host is 2.4.54-3.  Would appreciate if you could look into this and see if an update to httpd would cover these openssl compiling issues found in the tenable report.

    Plugin Output:
    Banner : Apache/2.4.54 (Unix) OpenSSL/1.1.1l
    Reported version : 1.1.1l

    - AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of in place encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p). (CVE-2022-2097)

    - The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool.
    Fixed in OpenSSL 3.0.3 (Affected 3.0.0,3.0.1,3.0.2). Fixed in OpenSSL 1.1.1o (Affected 1.1.1-1.1.1n).
    Fixed in OpenSSL 1.0.2ze (Affected 1.0.2-1.0.2zd). (CVE-2022-1292)

    - The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a base point encoded in compressed form. It is possible to trigger the infinite loop by crafting a certificate that has invalid explicit curve parameters. Since certificate parsing happens prior to verification of the certificate signature, any process that parses an externally supplied certificate may thus be subject to a denial of service attack. The infinite loop can also be reached when parsing crafted private keys as they can contain explicit elliptic curve parameters. Thus vulnerable situations include: - TLS clients consuming server certificates - TLS servers consuming client certificates - Hosting providers taking certificates or private keys from customers - Certificate authorities parsing certification requests from subscribers - Anything else which parses ASN.1 elliptic curve parameters Also any other applications that use the BN_mod_sqrt() where the attacker can control the parameter values are vulnerable to this DoS issue. In the OpenSSL 1.0.2 version the public key is not parsed during initial parsing of the certificate which makes it slightly harder to trigger the infinite loop. However any operation which requires the public key from the certificate will trigger the infinite loop. In particular the attacker can use a self- signed certificate to trigger the loop during verification of the certificate signature. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0. It was addressed in the releases of 1.1.1n and 3.0.2 on the 15th March 2022. Fixed in OpenSSL 3.0.2 (Affected 3.0.0,3.0.1). Fixed in OpenSSL 1.1.1n (Affected 1.1.1-1.1.1m). Fixed in OpenSSL 1.0.2zd (Affected 1.0.2-1.0.2zc). (CVE-2022-0778)

    - There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be significant. However, for an attack on TLS to be meaningful, the server would have to share the DH private key among multiple clients, which is no longer an option since CVE-2016-0701. This issue affects OpenSSL versions 1.0.2, 1.1.1 and 3.0.0. It was addressed in the releases of 1.1.1m and 3.0.1 on the 15th of December 2021. For the 1.0.2 release it is addressed in git commit 6fc1aaaf3 that is available to premium support customers only. It will be made available in 1.0.2zc when it is released. The issue only affects OpenSSL on MIPS platforms. Fixed in OpenSSL 1.1.1m (Affected 1.1.1-1.1.1l). (CVE-2021-4160)

    openssh.base.client 8.1.112.1201 C F Open Secure Shell Commands
    openssh.base.server 8.1.112.1201 C F Open Secure Shell Server
    openssh.license 8.1.112.1201 C F Open Secure Shell License
    openssh.man.en_US 8.1.112.1201 C F Open Secure Shell
    openssh.msg.CA_ES 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.CS_CZ 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.DE_DE 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.EN_US 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.ES_ES 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.FR_FR 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.HU_HU 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.IT_IT 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.JA_JP 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.Ja_JP 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.KO_KR 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.PL_PL 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.PT_BR 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.RU_RU 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.SK_SK 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.ZH_CN 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.ZH_TW 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.Zh_CN 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.Zh_TW 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.ca_ES 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.cs_CZ 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.de_DE 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.en_US 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.es_ES 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.fr_FR 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.hu_HU 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.it_IT 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.ja_JP 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.ko_KR 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.pl_PL 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.pt_BR 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.ru_RU 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.sk_SK 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.zh_CN 8.1.112.1201 C F Open Secure Shell Messages -
    openssh.msg.zh_TW 8.1.112.1201 C F Open Secure Shell Messages -
    openssl.base 1.1.2.1201 CE F Open Secure Socket Layer
    openssl.license 1.1.2.1201 C F Open Secure Socket License
    openssl.man.en_US 1.1.2.1201 C F Open Secure Socket Layer

    httpd -V
    Server version: Apache/2.4.54 (Unix)
    Server built: Oct 21 2022 04:38:38
    Server's Module Magic Number: 20120211:124
    Server loaded: APR 1.7.0, APR-UTIL 1.6.1, PCRE 8.44 2020-02-12
    Compiled using: APR 1.7.0, APR-UTIL 1.6.1, PCRE 8.44 2020-02-12
    Architecture: 32-bit
    Server MPM: prefork
    threaded: no
    forked: yes (variable process count)
    Server compiled with....
    -D APR_HAS_SENDFILE
    -D APR_HAS_MMAP
    -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
    -D APR_USE_SYSVSEM_SERIALIZE
    -D APR_USE_PTHREAD_SERIALIZE
    -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
    -D APR_HAS_OTHER_CHILD
    -D AP_HAVE_RELIABLE_PIPED_LOGS
    -D DYNAMIC_MODULE_LIMIT=256
    -D HTTPD_ROOT="/opt/freeware/etc/httpd"
    -D SUEXEC_BIN="/opt/freeware/sbin/suexec"
    -D DEFAULT_PIDLOG="/var/logs/httpd.pid"
    -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
    -D DEFAULT_ERRORLOG="logs/error_log"
    -D AP_TYPES_CONFIG_FILE="conf/mime.types"
    -D SERVER_CONFIG_FILE="conf/httpd.conf"

    rpm -qa | grep -i httpd
    httpd-2.4.54-3.ppc



    ------------------------------
    MOHAMMED SIDDIQUI
    ------------------------------

    Original Message


Related Content