Has Oracle planned to upgrade to an Apache version 2.4.60 or greater in future Oracle CPU patch?
Customer requested to update Apache service to version 2.4.62, specifically for CVE-2024-38475.
Problem Description
---------------------------------------------------
We have received a request from a customer to update Apache service to
version 2.4.62, specifically for vulnerabilities such as CVE-2024-38475.
Since OurApplications utilize Oracle WebLogic as the
middle tier, the Apache service version is part of Oracle WebLogic. As
such, we do not have direct control over updating it. Updates for Apache
within this context are provided by Oracle through their Critical Patch
Updates (CPU).
The most recent Oracle CPU, released in July 2024, includes Apache version 2.4.39.
Has Oracle planned to upgrade to an Apache version 2.4.60 or greater in future Oracle CPU patch?