PHP/Apache Vulnerability Patch Release Notes - 7/16/2014
The SecurityCenter patch for the PHP/Apache vulnerabilities (CVE-2014-3515, CVE-2014-0098) is now available. Appliance users can apply a patch that has been created for SecurityCenter 184.108.40.206, 4.7.1, or 4.8.1 running on it. When applied to an appliance running SecurityCenter 4.8.1, the vulnerabilities identified as CVE-2014-0098 (Apache HTTP Server) and CVE-2014-3515 (PHP) will be patched. When applied to an appliance running SecurityCenter 4.7.1 or SecurityCenter 220.127.116.11, the vulnerability for CVE-2014-0098 (Apache HTTP Server) will be patched.
If a user running SecurityCenter 4.6.x or 4.7.x wants to address the two PHP vulnerabilities, they will need to upgrade to an appliance running SecurityCenter 4.8.1.
Tenable Appliance versions 2.4.1, 2.4.1-1, 2.6.0, 2.6.1, 2.6.2, and 2.8.1 require this patch.
For more information, see the Security Advisory.
File Names & MD5 Checksums