Vulnerabilities are discovered from time to time in the Apache server software by security reporting agencies. LanGuard or other security scanners such as Nessus will sometimes return an error message that vulnerabilities exist within the system. This usually happens when the LanGuard Apache web server is not updated to the latest version.
This article provides more information on the Apache server's purpose and update schedules in LanGuard products.
- GFI LanGuard 2012 and later (all builds)
- All supported environments
- Apache Server is used within the GFI LanGuard product for communicating scan results between the server and the agents. New versions of the Apache server may be released midstream of the current release of the LanGuard product. When this occurs, GFI Development investigates and tests the new version of the server to verify that there is no functionality lost in newer releases. As soon as the new server version is confirmed, it is immediately released.
- The GFI Development Team tests and upgrades the Apache server version during each release. These are released normally every six months.
- The periodic update of the Apache server is done automatically via the Program Updates module. The Development Team uses this method as needed to address security vulnerabilities in Apache.
Due to this, some elements of the server may be outdated then reflect on certain vulnerabilities.