ALSA-2023:1673

[ALSA-2023:1673] Important: httpd:2.4 security update

Type:

security

Severity:

important

Release date:

2023-04-20

Description:

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

Security Fix(es):

* httpd: HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	mod_md-2.0.8-8.module_el8.6.0+2872+fe0ff7aa.aarch64.rpm	2678c086cc5a3b9b6f20f73891c8d84235646307efa87d482c5f95d828da9f4e
aarch64	httpd-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.aarch64.rpm	3ef9e870867603180bc8a3bb7ecad226f3ebb19b94b31653fd81b678d8e116ec
aarch64	mod_session-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.aarch64.rpm	4b0d9722e570a1d8e63c3135841c92c69e1565803062b730e7b450284805d7c5
aarch64	mod_proxy_html-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.aarch64.rpm	667850864e64016312c0fba3d7d72931c2ed294660dc8f8cd88ec50693daeeaf
aarch64	httpd-devel-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.aarch64.rpm	7413926e8b90fac42b02bc5be9a09b74cc3ea54c57814d3bf6c4bb010337066f
aarch64	mod_ssl-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.aarch64.rpm	84a8d07b4570c2295bc736a5ff070758f5ba2cc9c7e33cfa225c0e50e4ce5ae4
aarch64	mod_ldap-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.aarch64.rpm	8bc6da6c92a200f2895955efd58793ecd69873f178dc1de44f7f0a667ecb30de
aarch64	mod_http2-1.15.7-5.module_el8.7.0+3515+9e4fe0d6.4.aarch64.rpm	aa6f9169d27c6a895eb8f6f8104ee904a095c2b9b321a4aa43e933cbb73b5740
aarch64	httpd-tools-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.aarch64.rpm	ab64cc4d9b8a4ba78781d4759af3fa15bbfa915a16db5cf637f5ecb6dd1cf0c4
noarch	httpd-manual-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.noarch.rpm	c2eaf8441ad18eb46456183651153683b7a7ec46d5e51e2e3a074dd729429df3
noarch	httpd-filesystem-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.noarch.rpm	df791fef726f775efac4dfd381d0d75d5d6a0cf45a721c6646470479be00eda6
ppc64le	httpd-devel-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.ppc64le.rpm	0c42585b381c34a9681d76f7ccd5479d24d46239913a124cfcef73d6e0ec9793
ppc64le	mod_md-2.0.8-8.module_el8.6.0+2872+fe0ff7aa.ppc64le.rpm	1a26f7d2af339e6769c26359dbdc9aa33083ab2b7d43c69c006dfafb57b05ac6
ppc64le	mod_http2-1.15.7-5.module_el8.7.0+3515+9e4fe0d6.4.ppc64le.rpm	2f358bb564d387b7b562f0af55a95b72cb14d6515e7cbf3146e16ba6284ad736
ppc64le	mod_ldap-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.ppc64le.rpm	47592be2e13805c8ce8e68603ed5a81a52abdf9e72f547b82c503f0cbc9911e0
ppc64le	mod_proxy_html-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.ppc64le.rpm	4a911e0615063ada787bec469a4995ab48d5dc3543330f877c3ec61d89e3c23c
ppc64le	mod_ssl-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.ppc64le.rpm	8456624e378c7eac88a2beb88a087031a2e6472ab3ed94e1157fe6d97a19accd
ppc64le	httpd-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.ppc64le.rpm	df38ee58516c69782a20ea8a00d1e1bd20955b2e1ff34d72e1ea082b8f3be861
ppc64le	httpd-tools-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.ppc64le.rpm	e2687613c372c0e5f6530c9d67920163b294e1c90a8e556bb4fb38e669efc644
ppc64le	mod_session-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.ppc64le.rpm	f3da24a78979a5d8154deb44417e8cc18dd1be912028151843626d5aeb8fa6fb
s390x	mod_proxy_html-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.s390x.rpm	18893811ffcff5398519c2c0a8a73646fc8a3082b78ccf0499dc60dd193fcaa7
s390x	httpd-devel-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.s390x.rpm	29d11b0493f24ea7a7c906f71170ab7a01023347a192641c9203e3c1fe121d4d
s390x	httpd-tools-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.s390x.rpm	3fdde25a057989b78f87341bd4716255845ecd650f2558d47f4970ba1757bad1
s390x	mod_ldap-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.s390x.rpm	6afab839ee70d8f7be6554527d7dddd3e0c29a5272d479c679e3e2bd761c856c
s390x	mod_http2-1.15.7-5.module_el8.7.0+3515+9e4fe0d6.4.s390x.rpm	6cfd158fa98a10ba75f12d3ec11ddf7587f0176f278ba198351e9b8f96b6818f
s390x	mod_session-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.s390x.rpm	c3af942a3fb9ae088e9cc00ba603cceca1b21e75b7f2e35d61f0c078108a8163
s390x	httpd-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.s390x.rpm	e2c5922668dc26cb9e4e22314f4ebd636ac7cb90cea3fe5cf5bcfb3d8768b9f5
s390x	mod_md-2.0.8-8.module_el8.6.0+3031+fb177b09.s390x.rpm	e47754aea99df8718074dd3d1df288b448b0af9d0ba4f0f8c6a3b5c8a164a1a7
s390x	mod_ssl-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.s390x.rpm	fbf83ea102708a817db1573b49691f0b54149cff1bcb0815e08c7321b9d05818
x86_64	httpd-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.x86_64.rpm	0788017e1241d09e4c9422183c4d6fdfa5305e6733f6d1ea582a916e5b0bb8d8
x86_64	mod_ssl-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.x86_64.rpm	17e68c67ba57a7bd7b715d6a2242efc166177b16b633f0018758e03e6505d0c4
x86_64	httpd-tools-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.x86_64.rpm	38981061086aa27d0c9054046075bce611032166e8b90c147be466203d5ed8b7
x86_64	mod_md-2.0.8-8.module_el8.6.0+2872+fe0ff7aa.x86_64.rpm	3b1e101e6a9192ff94ee4d007aff494cf5631948586568da7a1c6ac1255c8a68
x86_64	httpd-devel-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.x86_64.rpm	54d8c00c250165e0ae31f66274563deb66f475e73ce0d7e162ba79c92a190f95
x86_64	mod_proxy_html-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.x86_64.rpm	78345eedb8ed3286396f6138ae332f913f40336f62143eb2e717a5401056bc00
x86_64	mod_ldap-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.x86_64.rpm	a092c3acc80d75c68ed22c0f6a031484c44f87e0191ec910b56edc18829671d5
x86_64	mod_http2-1.15.7-5.module_el8.7.0+3515+9e4fe0d6.4.x86_64.rpm	a2067d15fc65758c0014c7cc75b867900d2232acd10d783dd72c3aeaeeb48ff9
x86_64	mod_session-2.4.37-51.module_el8.7.0+3515+9e4fe0d6.5.x86_64.rpm	b51d91e6ac7508819cd418ace8d4053bf9b1d533ad54db620eea798269cb4eae

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.