在 CentOS 7.9 上使用 Software Collections 安装的 httpd24-httpd 与在 RHEL(Universal Base Images)上安装的 httpd24-httpd 之间存在版本差异。
CentOS 7.9
yum install centos-release-scl centos-release-scl-rh
yum install httpd24-httpd
rpm -q --changelog httpd24-httpd | head -3
# * Tue Sep 20 2022 Luboš Uhliarik <[email protected]> - 2.4.34-23.5
# - Related: #2035029 - CVE-2021-44224 httpd24-httpd: httpd: possible NULL
# dereference or SSRF in forward proxy configurations
RHEL 7.9(ubi)
yum install httpd24-httpd
rpm -q --changelog httpd24-httpd | head -3
# * Thu Apr 13 2023 Luboš Uhliarik <[email protected]> - 2.4.34-23.6
# - Resolves: #2176722 - CVE-2023-25690 httpd24-httpd: httpd: HTTP request
# splitting with mod_rewrite and mod_proxy
下面显示从2023-01-03开始还没有更新过。
CentOS 7 SCL(软件集合)被废弃了吗?