Showing results for 
Search instead for 
Did you mean: 
Showing results for 
Search instead for 
Did you mean: 

Upgrading Apache


Upgrading Apache

I have Apache version 2.2.15 that is running with Windchill 9.1 M060 on Windows Sever 2003 32bit. Our corporate IT says I have to upgrade to Apache version 2.2.22 or new to address certain security issues.

Can I upgrade just Apache without having to upgrade Windchill to a newer maintenance release? Any tricks or challenges to doing that? Or are there only certain Apache versions that work with specific Windchill releases?



This link<">> at has the latest Windchill Apache versions available for each Windchill release. The latest Apache version posted for versions 9.1 and 10 is 2.2.21.

John M.
5-Regular Member

There's an early access page on the technical support site for more
recent Apache releases from PTC

Hi Jess

I have the same issue as Greg, we had penetration tests done and they
found a list of apache vulnerabilities as they always do, this is because
we have an outward facing apache for internet access to Windchill

So I think the issue isn't Windchill use but that apache could be
compromised.. However, having said this could you expand on your comment
"One thing to note about Apache security issues -- most of them don't
apply to Windchill's usage of Apache" this sounds interesting


Best Regards

Chris Collinson
CAD Administrator
5-Regular Member

One of my colleagues gave a nice summary of the security issues that are
present in 2.2.21 and fixed in 2.2.22.

Unfortunately, it appears that his message did not reach the forum since
he does not subscribe to it. Not realizing this, I deleted his reply

The gist was that none of these security issues apply to Windchill's use
of Apache except possibly:

* SECURITY: CVE-2012-0031 (
Fix scoreboard issue which could allow an unprivileged child process
could cause the parent to crash at shutdown rather than terminate

I'm not at all sure that this applies to Windchill's use of Apache
either -- but unlike the others it can't quickly be ruled out.

Jess Holle

We are alo planning to move to Apache 2.2.21 . Request you to please share
all your experiences... comments.... suggestions.


5-Regular Member

FYI, here's the detailed response that didn't get through:

Apache 2.2.22 is in process for being validated for the early
release page.
The latest version the is currently 2.2.21.
As Jess noted, not all security issues apply to windchill use: