Upgrades to the (probably insecure) Apache2 install?

Presently the setups come with Apache2 (I know it’s a little exploratory to be utilizing and running the Apache2 setup), BUT since it IS there, the currently installed version is v2.4.18, of which there are 36 known security vulnerabilities according to Apache (httpd 2.4 vulnerabilities - The Apache HTTP Server Project) It seems that whether people are using the Apache2 install that’s there or not, that it being there and being this far behind updates, and having this many security vulnerabilities stacked up is maybe an issue?

Are there any plans to upgrade the Apache2 install in the near future? Since users can enable the Apache2 instance, isn’t this a security concern?

Thanks!

4 Likes

LAMP PoC uses the OS packages Apache and MySQL. So it was maintained even though the version was old:
Version matches this information:
https://launchpad.net/ubuntu/xenial/+source/apache2

However, here you will be convinced of a new problem.
Glitch seems to have some work left unattended.
Relatedly I also put out phpinfo:

I’ll add this to this list:

4 Likes