CVE-2024-36387 Apache

Hello,

The CVE-2024-36387 is fixed in Apache version 2.4.60.

When updating Nextcloud to version 29.0.3, does it also update Apache to version 2.4.60?

If I want to update only Apache from version 2.4.58 to version 2.4.60, will this have an impact on Nextcloud Hub 8 (29.0.1)?

Thank you very much in advance for your answers :slight_smile:

Best regards,

Apache is not Nextcloud. So, no. Upgrading Apache would be the responsibility of your OS packaging/etc.

Unless you’re asking about a particular packaging method other than the Archive installation method of Nextcloud. Since there are many, you’ll have to be specific since they’re all maintained differently (and not even necessarily all part of the Nextcloud project directly).

1 Like