03-10-2010 02:45 AM
Hi,
According to this link (https://issues.apache.org/bugzilla/show_bug.cgi?id=48359) Apache has some vulnerabilities which we need to address. Is it possible to upgrade apache on the lms server?
Regards Marco Kerklaan
03-10-2010 08:25 AM
I definitely would not update apache because you would loose Cisco TAC support. If you see any problems, open a TAC Case and request a patch. I can remember onetime in the past which updated apache.
03-18-2010 06:25 AM
It turns out this vulnerablity does not affect LMS.
This issue is not affecting the LMS.
Please have a look at the following bug ID.
as you can see as I suspected we are not using This module in the LMS.
So as a workaround you can safely comment the line
LoadModule isapi_module modules/mod_isapi.so
From httpd.conf file.
Regards Marco.
03-18-2010 06:40 AM
On LMS 3.2, the only httpd.conf I can find is /opt/CSCOpx/MDC/Apache/conf/httpd.conf, which has no mention of "LoadModule isapi_module modules/mod_isapi.so" at all.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: