Could you please advise how to resolve cve-2021-44790 in Sysload Monitor or Sysload Software Distribution Server?

It needs updating Apache to 2.4.52, how can we do it?

Release : 6.0

Component : Sysload Monitor and Sysload Software Distribution Server

Versions of Apache and PHP delivered with Sysload products may have High / Critical vulnerabilities that should be fixed as soon as possible, there is no documented method to update manually these versions to the latest version containing the fixes.

The Powershell script "sld_apache_update_0.2" has been created to allow updating to newer versions of Apache and PHP whenever needed.

The zip attached in this Article includes the apache and php binaries to update to currently (18th january 2022)  latest available versions Apache 2.4.52 and PHP 7.4.27

Please read the instructions in the readme.txt to perform this activity.

Readme content:

==============================================

Sysload Apache Update

17 january 2022

==============================================

DESCRIPTION
---

This patch contains the following script:

- sld_apache_update.ps1 0.2

SUPPORTED ENVIRONMENTS
---

Check Compatibility Matrix

PREREQUISITES
---

. Sysload Component installed with Apache 2.4.x / PHP 7.4.x
. Microsoft Visual C++ 2019 Redistributable (x86) installed.

According to Sysload Component to update:
- Sysload Monitor 6.0.0 HF3 installed (6.00 build 93.5).
- Sysload SD Server 6.1.2 HF2 installed (6.11 build 30).

PRE-INSTALLATION PROCEDURE
---

. Expected tree folders
  __ (current) 
       sld_apache_update.ps1
 |
    |____\src\ (Source folders, contain Apache/PHP binaries)
 |        |____\httpd-<apache_version>-win32-VC15\
 |   |____\php-<php_version>-Win32-vc15-x86\
 |
 |____\tpl\ (Template folders, updated by the script)

. Update tree folders
  . Download newer versions of Apache 2.4.x binaries (x86, VC15) / PHP 7.4.x binaries (x86, VC15, thread-safe) from here:
   Apache: https://www.apachelounge.com/download/VC15/
   PHP: https://windows.php.net/download/
   
   REMARK: both Apache and PHP need to be updated at the same time, you can't upgrade just one of them with this script.
  
  . Uncompress files (for example):
      'httpd-2.4.52-win32-VC15.zip' to '.\src\httpd-2.4.52-win32-VC15'
      'php-7.4.27-Win32-vc15-x86.zip' to '.\src\php-7.4.27-Win32-vc15-x86'

INSTALLATION PROCEDURE (Update Template folders with the script)
---

. Run powershell as Administrator
  
  . Retrieve ExecutionPolicy
  PS> Get-ExecutionPolicy
  . Set ExecutionPolicy to RemoteSigned if needed
  PS> Set-ExecutionPolicy RemoteSigned

  . Print help
  PS> ./sld_apache_update.ps1
  
  . Launch installation
  PS> ./sld_apache_update.ps1 -component <component_name> -sldHome "<SYSLOAD_HOME>" -apacheVersion <apache_version> -phpVersion <php_version>

Example for updating both Apache and PHP for Sysload Monitor:
  PS> ./sld_apache_update.ps1 -component Monitor -sldHome "C:\Program Files (x86)\Sysload" -apacheVersion 2.4.52 -phpVersion 7.4.27

Example for updating both Apache and PHP for Sysload Distribution Server:
  PS> ./sld_apache_update.ps1 -component SDServer -sldHome "C:\Program Files (x86)\Sysload" -apacheVersion 2.4.52 -phpVersion 7.4.27
  
  . Set ExecutionPolicy to previous value if needed

POST-INSTALLATION PROCEDURE (Update Sysload folders manually)
---

. On successful execution of the script, follow displayed steps

- Sysload Monitor
  . Stop Sysload Component Services
  . Backup Sysload folders
      '<SYSLOAD_HOME>\spmonitor\spmhttpd'
   '<SYSLOAD_HOME>\spmonitor\spmprhrt'
  . Copy folders ('spmhttpd', 'spmprhrt') in update mode
      from '.\tpl\A_<apache_version>-P_<php_version>\components\Monitor\spmonitor'
   to   '<SYSLOAD_HOME>\spmonitor'
  . Start Sysload Component Services

- Sysload SD Server
  . Stop Sysload Component Services
  . Backup Sysload folders
      '<SYSLOAD_HOME>\sdserver\sdhttpd'
  . Copy folders ('sdhttpd') in update mode
      from '.\tpl\A_<apache_version>-P_<php_version>\components\SDServer\sdserver'
   to   '<SYSLOAD_HOME>\sdserver'
  . Start Sysload Component Services