We got the following alert from Rack911:
Apache 2.4.39 is available already, an update would be recommended for all users.
Apache HTTP 2.4.17 to 2.4.38 is vulnerable to a local root exploit when mod_prefork, mod_worker and mod_event are used:
https://httpd.apache.org/security/vulnerabilities_24.html
We are hearing reports of exploit(s) already being produced and strongly recommend that everyone update to Apache HTTP 2.4.39 as soon as possible - especially in shared hosting environments!
https://www.apache.org/dist/httpd/Announcement2.4.html
https://www.zdnet.com/article/apach...s-root-access-on-shared-hosting-environments/
Apache 2.4.39 is available already, an update would be recommended for all users.