[ALSA-2026:22528] Moderate: mod_http2 security update
Type:
security
Severity:
moderate
Release date:
2026-06-03
Description:
The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers. Security Fix(es): * httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase (CVE-2025-53020) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 mod_http2-2.0.29-4.el10_2.aarch64.rpm ad3fdb694065ad02b7535d99a2bc04583386ab0d96944a3955120b51eba11755
ppc64le mod_http2-2.0.29-4.el10_2.ppc64le.rpm cc782e8df1f77d59b488d0b7e90960658780184f867c1630bd500b794cc6bb46
s390x mod_http2-2.0.29-4.el10_2.s390x.rpm 9e2b105a5cbfa0992b15c882fcbd4c13595656a385d01b4fdd6a773807fe1042
x86_64 mod_http2-2.0.29-4.el10_2.x86_64.rpm 0fc8e0c70d9a7e43eae5b53c0e1e55cd429d4a8dc373d34df05bc9188ac59bbe
x86_64_v2 mod_http2-2.0.29-4.el10_2.x86_64_v2.rpm 9d8f9b9aeee71310a32979f59e6b399980d691ad302cf300ddae6424383aee5f
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.