Update apache of lms 3.1

Unanswered Question
Mar 10th, 2010

Hi,

According to this link (https://issues.apache.org/bugzilla/show_bug.cgi?id=48359) Apache has some vulnerabilities which we need to address. Is it possible to upgrade apache on the lms server?

Regards Marco Kerklaan

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Martin Ermel Wed, 03/10/2010 - 08:25

I definitely would not update apache because you would loose Cisco TAC support. If you see any problems, open a TAC Case and request a patch. I can remember onetime in the past which updated apache.

kerklaanm Thu, 03/18/2010 - 06:25

It turns out this vulnerablity does not affect LMS.

This issue is not affecting the LMS.

Please have a look at the following bug ID.

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtf54872

as you can see as I suspected we are not using This module in the LMS.

So as a workaround you can safely comment the line

LoadModule isapi_module modules/mod_isapi.so

From httpd.conf file.

Regards Marco.

yjdabear Thu, 03/18/2010 - 06:40

On LMS 3.2, the only httpd.conf I can find is /opt/CSCOpx/MDC/Apache/conf/httpd.conf, which has no mention of "LoadModule isapi_module modules/mod_isapi.so" at all.

Actions

This Discussion

Related Content