Adobe Experience Manager Sites & More

subramanya75 · 8/1/19

Hi,

My security team is informing vulnerabilities on Apache 2.2.X used in AEM 6.1 dispatcher.

Can I simply upgrade the Apache version from 2.2.X to 2.4.X?
Could not find any documentation related to apache version for 6.1 dispatcher.

Or should I need to upgrade the dispatcher-module version along with Apache version? If yes what is the dispatcher module that I need to install on Apache 2.4.X?

Thanks in advance

Jaideep_Brar · 8/1/19

Dispatcher version does not depend on AEM version. That said, you need to use the updated dispatcher module if you upgrade apache.

Example: Dispatcher version 4.2.3 works with apache 2.4.*

Check [1] for more details.

[1] https://www.adobeaemcloud.com/content/companies/public/adobe/dispatcher/dispatcher.html

View solution in original post

Jaideep_Brar · 8/1/19

Dispatcher version does not depend on AEM version. That said, you need to use the updated dispatcher module if you upgrade apache.

Example: Dispatcher version 4.2.3 works with apache 2.4.*

Check [1] for more details.

[1] https://www.adobeaemcloud.com/content/companies/public/adobe/dispatcher/dispatcher.html

hamidk92094312 · 8/1/19

Adding to what Jaideep mentioned, to understand if the vulnerability you are referring to is fixed in Apache v2.4 you can consult the following document. In case the vulnerability is fixed then upgrading to v2.4 should address the vulnerability.

httpd 2.4 vulnerabilities - The Apache HTTP Server Project

Adobe Experience Manager Sites & More

Apache version upgrade on AEM 6.1-Dispatcher from Apache 2.2.X to Apache 2.4.X

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe