ALSA-2023:5050

[ALSA-2023:5050] Moderate: httpd:2.4 security update

Type:

security

Severity:

moderate

Release date:

2023-09-12

Description:

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

Security Fix(es):

* httpd: mod_proxy_uwsgi HTTP response splitting (CVE-2023-27522)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	mod_session-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.aarch64.rpm	04af21a68836747fb5cf41c5914d0e581781f9672222a0c0950c7db4d580b341
aarch64	mod_proxy_html-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.aarch64.rpm	146da6769801b8ae5eb272c712079a2cd1deaaede17fe4b91812e50ed4f83b96
aarch64	mod_md-2.0.8-8.module_el8.6.0+2872+fe0ff7aa.aarch64.rpm	2678c086cc5a3b9b6f20f73891c8d84235646307efa87d482c5f95d828da9f4e
aarch64	mod_ldap-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.aarch64.rpm	bed35d88c1ebc9d0793a61c89c57d42a567cc1d52d61889ba9980a275c242b25
aarch64	httpd-tools-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.aarch64.rpm	c2d9cbfab5a44519532bcaa8b6343685a256ca3037dac24c8dbed0d01b654cad
aarch64	httpd-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.aarch64.rpm	d2068b2c2add82c344e27547e22e1e9cecef801f079c59f662c85bdf2c67657e
aarch64	mod_http2-1.15.7-8.module_el8.8.0+3554+ec1058a7.3.aarch64.rpm	d96789c3cefd7952b01185bcf85d84258aacface4da40f315f4a738fe4e68b7c
aarch64	httpd-devel-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.aarch64.rpm	e7d23fab79972cd6e01f4126c9be2b9fe6e3bda306e77db131c02a1caab419f0
aarch64	mod_ssl-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.aarch64.rpm	fc536ecc41dd6fc53f383366c5cfb452fc47f67209fedd206f09cf19a3a13765
noarch	httpd-filesystem-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.noarch.rpm	54a5f5221ed32cbf184ee66bcbcdf012b835c504610c30a083d5dd91943c7a8f
noarch	httpd-manual-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.noarch.rpm	f170a5d5a80fecb98555ed4d31dd3790ac23feffd89cd43d4fdac1c2bb71eb24
ppc64le	mod_proxy_html-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.ppc64le.rpm	17a2445088aa03442a974ef3b258f6238fe546b524549e92e45f1ad542fa08ee
ppc64le	mod_md-2.0.8-8.module_el8.6.0+2872+fe0ff7aa.ppc64le.rpm	1a26f7d2af339e6769c26359dbdc9aa33083ab2b7d43c69c006dfafb57b05ac6
ppc64le	httpd-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.ppc64le.rpm	580a6e10330d8ca22de0cd72d96391b2f708770dce72ba9b9a8d252a3721f391
ppc64le	mod_ssl-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.ppc64le.rpm	9bdd3532a702370254c19545f91dbc1acfe850ed8d84caa457aa1a5f39e01f46
ppc64le	mod_session-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.ppc64le.rpm	9de3a9665ce4359920123351eab0e47a29d5dce48b6405f6d3f58bedfd69cc8c
ppc64le	mod_ldap-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.ppc64le.rpm	a6c234dbc1aa981f3817c332246e3e43b9b68221200d1bbb9b8f75d22ab837e1
ppc64le	mod_http2-1.15.7-8.module_el8.8.0+3554+ec1058a7.3.ppc64le.rpm	afd8aa47d9f0843597ac83e36ec8e4237a0a19294ca7f5b96c39ee530db8fe76
ppc64le	httpd-tools-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.ppc64le.rpm	da86c35987310d0bbce808a5181d8c13a1bf353c1e18b293857bf46b28a4254e
ppc64le	httpd-devel-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.ppc64le.rpm	e52af3f5223ba8c7e636ee86c0498a39cd654b2e8c3820efd0ea26dd03374e7e
s390x	mod_http2-1.15.7-8.module_el8.8.0+3554+ec1058a7.3.s390x.rpm	1fa38ef405240dbf5163ab2e5ff95938a4f95185adf2321fd3e0d83c76512a84
s390x	mod_ldap-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.s390x.rpm	39b7b6000ce47a017ddf7cc8d2a810cbe0b3cf66eba78a0b0dc825be4d1542cb
s390x	httpd-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.s390x.rpm	422a8d1b22a8e3bef68a788d008fddf7e524a0a1b02ca345d3010245146e025a
s390x	httpd-tools-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.s390x.rpm	442ef707cb62189fdf1e0c8729945b344d83b1a1736b50f58df2cfbb6dcf8a00
s390x	mod_session-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.s390x.rpm	87343acc33bd486a69ad342e1f5f44fcc62610707f4a1f57e1b68d97c0b870cf
s390x	mod_ssl-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.s390x.rpm	a5e7d8515d32dc8231c1c069675991e19fd2ea6b57b62fdba65949fc01e88574
s390x	httpd-devel-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.s390x.rpm	b015dd87cb13391af16f7f02b9183f2a0409f5373008098fde349c137cb6d84b
s390x	mod_md-2.0.8-8.module_el8.6.0+3031+fb177b09.s390x.rpm	e47754aea99df8718074dd3d1df288b448b0af9d0ba4f0f8c6a3b5c8a164a1a7
s390x	mod_proxy_html-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.s390x.rpm	efd46fcde62bcbd4e271d8130593b8b6f6f1642a70da1edcba24209d8f868abd
x86_64	mod_session-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.x86_64.rpm	03125debd389520affe7f7a140b96a7d43ef928027c4fc6d056cc6ce1b62db56
x86_64	mod_http2-1.15.7-8.module_el8.8.0+3554+ec1058a7.3.x86_64.rpm	1fa791dfc737206cf0c6f0b89af16162af2d2ff99feb3745938388b8769aa419
x86_64	httpd-tools-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.x86_64.rpm	2f4435a57b1811bb31d14f517d5a49ad631685f97d20d75bdf1f20b433ef1de9
x86_64	mod_md-2.0.8-8.module_el8.6.0+2872+fe0ff7aa.x86_64.rpm	3b1e101e6a9192ff94ee4d007aff494cf5631948586568da7a1c6ac1255c8a68
x86_64	mod_ldap-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.x86_64.rpm	4d6345ad80813e871940097fae33d3a773da3cf5fee34d760aab66a761c0eb3e
x86_64	mod_proxy_html-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.x86_64.rpm	99194f8d21cee97d650abefa2d88d223ff67daa9cf0c92509a7b711303af49b4
x86_64	mod_ssl-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.x86_64.rpm	9ec126147b999054d7c18046490fd446b45f4c25d85bde0a2464af2ec3b32ce7
x86_64	httpd-devel-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.x86_64.rpm	dbb94ff0c436ce05c9325b313859ac82aaf737c4eeb7ddef1dddea6abe4b8dae
x86_64	httpd-2.4.37-56.module_el8.8.0+3605+a3cf1030.7.x86_64.rpm	f3d75588e803c540335e20c939371947cecf4dbfec6cf89ffd2e141ab1905dd0

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.