ALSA-2024:1786

[ALSA-2024:1786] Important: httpd:2.4/mod_http2 security update

Type:

security

Severity:

important

Release date:

2024-04-12

Description:

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

Security Fix(es):

* httpd: mod_http2: CONTINUATION frames DoS (CVE-2024-27316)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	mod_md-2.0.8-8.module_el8.6.0+2872+fe0ff7aa.aarch64.rpm	2678c086cc5a3b9b6f20f73891c8d84235646307efa87d482c5f95d828da9f4e
aarch64	mod_session-2.4.37-62.module_el8.9.0+3646+acd210d0.aarch64.rpm	577d43734e248c8c4ad49c3f912f1bd81844515918e063be05e022e22e5ed61b
aarch64	mod_http2-1.15.7-8.module_el8.9.0+3809+48080a14.5.alma.1.aarch64.rpm	6b7c6e508c7365e95e2675353978e44085a53556860489979e378faa9b671d1b
aarch64	mod_ssl-2.4.37-62.module_el8.9.0+3646+acd210d0.aarch64.rpm	b5621a30ae69667e9c688daa239ff8afd1b2c61e6788d7bb99a30f3ebfdf3298
aarch64	mod_proxy_html-2.4.37-62.module_el8.9.0+3646+acd210d0.aarch64.rpm	bc19b7ced1257d29ed794b3f8b4d7e7d406f075ee3792c32eee73f58f4399a60
aarch64	httpd-devel-2.4.37-62.module_el8.9.0+3646+acd210d0.aarch64.rpm	c4a6d9654a30c40d672f9d742a49312b8b5e8eb33107b7b415f81a84d27199ca
aarch64	mod_ldap-2.4.37-62.module_el8.9.0+3646+acd210d0.aarch64.rpm	d0ae036fe59563b0dd2731e6a33576841b38d5ead0937a89962da8891dfb8b28
aarch64	httpd-tools-2.4.37-62.module_el8.9.0+3646+acd210d0.aarch64.rpm	d256870c2b747a2a11028607170ea959196b8e2ac1ebff11f81b7813bc15dc54
aarch64	httpd-2.4.37-62.module_el8.9.0+3646+acd210d0.aarch64.rpm	e6c2c1579652c970fa65e2e30b1b7f7bd60d8ccb055aac962f6bcd6c57ad5689
noarch	httpd-manual-2.4.37-62.module_el8.9.0+3646+acd210d0.noarch.rpm	124c944729766f6f0e75f36dcfc3aa3042cdd11b5a68d8b57e1d73a83c0e2190
noarch	httpd-filesystem-2.4.37-62.module_el8.9.0+3646+acd210d0.noarch.rpm	f084ce5b558cf535fb44377010b9f68441a23a8a0335952a6e68701a9e76bbae
ppc64le	mod_http2-1.15.7-8.module_el8.9.0+3809+48080a14.5.alma.1.ppc64le.rpm	0d0726f447042ba099ac57334f19890158b4f6d5974bec29653f21e11c99bb2a
ppc64le	mod_md-2.0.8-8.module_el8.6.0+2872+fe0ff7aa.ppc64le.rpm	1a26f7d2af339e6769c26359dbdc9aa33083ab2b7d43c69c006dfafb57b05ac6
ppc64le	mod_session-2.4.37-62.module_el8.9.0+3646+acd210d0.ppc64le.rpm	36e2051d135d7e9248be2c9ee836464eb27aaf1a33f657581d51ed928edfbb25
ppc64le	mod_proxy_html-2.4.37-62.module_el8.9.0+3646+acd210d0.ppc64le.rpm	574aa0b500aa365b980ff6add4987ca4403ef927e731e74543ca0f4198fb90bc
ppc64le	httpd-tools-2.4.37-62.module_el8.9.0+3646+acd210d0.ppc64le.rpm	6f7a38c8f2d97d4fd5eb7e7e1ee763bbc36129b92211082cdad4f9ff90603ab8
ppc64le	mod_ldap-2.4.37-62.module_el8.9.0+3646+acd210d0.ppc64le.rpm	f0c1a8567b4781a9c8c9d42e4b0edc97349daa086b67d01e3fd7af03aa4e91fd
ppc64le	httpd-2.4.37-62.module_el8.9.0+3646+acd210d0.ppc64le.rpm	f60889e2b1f23fb52188739672f0d2b7f42dda69806b9dbd4867fd01ab9bf89e
ppc64le	httpd-devel-2.4.37-62.module_el8.9.0+3646+acd210d0.ppc64le.rpm	f66d5e042b926de16973f7ba71acf30888611e76424cea003e18a40508cf6a43
ppc64le	mod_ssl-2.4.37-62.module_el8.9.0+3646+acd210d0.ppc64le.rpm	f6c8bede3b332cee40ea23626b0201f9d709546e22894151c3543e6b2045bfb5
s390x	mod_ssl-2.4.37-62.module_el8.9.0+3646+acd210d0.s390x.rpm	0f3404b1519835db3ee5108d0e226b051135247dd7c6ec11f1c1a65577b1dca8
s390x	httpd-devel-2.4.37-62.module_el8.9.0+3646+acd210d0.s390x.rpm	23657ec788c9bb56b4a0360fa4fe670ea49a19d53a3c90bd6d171f450b9bc059
s390x	mod_ldap-2.4.37-62.module_el8.9.0+3646+acd210d0.s390x.rpm	4d2d9a79f311c2a557fafdce31a3339dd5647b9f20173afa42ed4941538d2843
s390x	mod_proxy_html-2.4.37-62.module_el8.9.0+3646+acd210d0.s390x.rpm	55559e9c0761a246d4ada301a2963c8f53e50988dafe1ecaa7a121a5fff5b871
s390x	httpd-tools-2.4.37-62.module_el8.9.0+3646+acd210d0.s390x.rpm	96603a8ce283437f2d58f0dc56448f3d3be3f74b89c73d768fed1147d16f19d5
s390x	mod_session-2.4.37-62.module_el8.9.0+3646+acd210d0.s390x.rpm	a74d25d922005ecfc935c934f60d5fb1295526a6f1889192c84db8774914704d
s390x	mod_http2-1.15.7-8.module_el8.9.0+3809+48080a14.5.alma.1.s390x.rpm	cbd50d0f96872dbe656906c2b685385293d5970edf338b422d45852f54d6f77e
s390x	mod_md-2.0.8-8.module_el8.6.0+3031+fb177b09.s390x.rpm	e47754aea99df8718074dd3d1df288b448b0af9d0ba4f0f8c6a3b5c8a164a1a7
s390x	httpd-2.4.37-62.module_el8.9.0+3646+acd210d0.s390x.rpm	e585a52e5d90964b0b7f836cbab70648fe6a561fe06d894dcfcc184c04ee0d29
x86_64	mod_session-2.4.37-62.module_el8.9.0+3646+acd210d0.x86_64.rpm	028c8d7b4488650082c4b142baf300e3642cccde8c7e443b169ebf993f09f584
x86_64	mod_http2-1.15.7-8.module_el8.9.0+3809+48080a14.5.alma.1.x86_64.rpm	1502b7ca1a333190bf09193580300f67154d30e96e66c2bd6b287dde295f35d7
x86_64	mod_md-2.0.8-8.module_el8.6.0+2872+fe0ff7aa.x86_64.rpm	3b1e101e6a9192ff94ee4d007aff494cf5631948586568da7a1c6ac1255c8a68
x86_64	mod_proxy_html-2.4.37-62.module_el8.9.0+3646+acd210d0.x86_64.rpm	5ef930102a6883385c17ebc03b3a9727b6e50a3a6272f60732df45bb2477e5b5
x86_64	mod_ssl-2.4.37-62.module_el8.9.0+3646+acd210d0.x86_64.rpm	5ff104e1a2775dee3be8ecda0f03241a638794edf523ee76cf722f6e1104babd
x86_64	httpd-devel-2.4.37-62.module_el8.9.0+3646+acd210d0.x86_64.rpm	85885e4f29234c742f71a4246f28f9cb018b883385d711ceb70e8c35dc09197e
x86_64	httpd-2.4.37-62.module_el8.9.0+3646+acd210d0.x86_64.rpm	daf680a4579a327f4df7782494462082855437cdaca55239cbe2d8b04a6f5d81
x86_64	httpd-tools-2.4.37-62.module_el8.9.0+3646+acd210d0.x86_64.rpm	ec1a3accec89ea76d7e484fd93a20ce7e25e034cb35317593a5991310b49bb38
x86_64	mod_ldap-2.4.37-62.module_el8.9.0+3646+acd210d0.x86_64.rpm	f4631d403eb5bb9ace1850ed9314c0896e7fab565761adefe45052ae72fc3c27

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.