Canada's taxman has restored online services it took down over the weekend to respond to unspecified vulnerabilities.
The Canada Revenue Agency (CRA) announced the end of its partial outage at 5:00PM Sunday, Eastern Daylight Time.
The agency doesn't stipulate the vulnerability it identified, merely saying it affected “websites worldwide”, prompting it to “temporarily take down our online services, including electronic filing” while it applied patches.
“We took this action as a precaution, not as the result of a successful hack or breach,” the statement says.
The CRA's servers are on Shared Services Canada IP addresses, and according to Netcraft were running Apache 2.2.31 on *nix when last scanned on March 7, behind an F5 Big-IP for protection.
We are working to bring our online services back up as soon as possible. Updates will be posted at https://t.co/LpD4eFaH7O— CanadaRevenueAgency (@CanRevAgency) March 11, 2017
In January, Apache shipped 2.2.32 in the legacy branch, a security and bug fix release. Canadians probably hope it was the web server, rather than a more critical personal-data-gathering application a tier or two down the agency's stack. ®