It’s not available because it doesn’t work that way.
The base version of Apache that we have installed includes many security fixes and other patches that are built-in by Red Hat which are not included in a stock Apache that is off the shelf. So it’s not a generic httpd version that you could download which would have those security holes.
It’s not recommended to use the EL9 Apache as it has many dependencies and it would most likely not be a pleasant experience to install that
Use what you have now. You are perfectly covered. And also, please open a ticket with Nessus about this and share the ticket number. The more people who report it, the quicker the fix will be prioritized.
The security fixes for AlmaLinux 8.5 are called AlmaLinux 8.6. Seriously, all fixes are applied to the latest version ONLY, if you are on 8.5 still you are nearly three months out of date. Normally dnf update will bring you up to date.
Sure Thanks Martin… We will consider migrating to Alma 8.6 / 9 in our upcoming release.
BTW, is there any link where I can monitor the EOL/EOS dates for Alma Linux 8.5, 8.6, so that accordingly we shall plan our tasks in forthcoming releases.
I don’t know of link. The dates do depend on RHEL. Red Hat will release no more fixes for 8.N from the day they release 8.N+1
Red Hat releases new point release approximately every six months. The last point release will be supported to May 2029.