ALSA-2024:5193

[ALSA-2024:5193] Important: httpd:2.4 security update

Type:

security

Severity:

important

Release date:

2024-08-12

Description:

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

Security Fix(es):

* httpd: Security issues via?backend applications whose response headers are malicious or exploitable (CVE-2024-38476)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	httpd-devel-2.4.37-65.module_el8.10.0+3874+c2064c23.2.aarch64.rpm	02c14a433bf26b8b0dfffbd02047153c945dc044e278bfac6d463c0fbcb202ab
aarch64	mod_md-2.0.8-8.module_el8.6.0+2872+fe0ff7aa.aarch64.rpm	2678c086cc5a3b9b6f20f73891c8d84235646307efa87d482c5f95d828da9f4e
aarch64	mod_proxy_html-2.4.37-65.module_el8.10.0+3874+c2064c23.2.aarch64.rpm	33c2ea17cecf35ecf6cc10233e6509fcb898f6fd9c39589dabbae0256f7b8e05
aarch64	mod_http2-1.15.7-10.module_el8.10.0+3832+564e7653.aarch64.rpm	58c15dd6cf71b1c18bea3c37084094510e48f9e16976c8436b82bc094cccaabf
aarch64	httpd-tools-2.4.37-65.module_el8.10.0+3874+c2064c23.2.aarch64.rpm	718f0ac8571e5029cd669fbb118a9e63aae5b2cf1a1559731e8d248f6f271973
aarch64	httpd-2.4.37-65.module_el8.10.0+3874+c2064c23.2.aarch64.rpm	88ddbbb2f1aba3716d96dbcffaed6b1ff647d7c709675fe834d2cf9cec89dfa9
aarch64	mod_session-2.4.37-65.module_el8.10.0+3874+c2064c23.2.aarch64.rpm	a338d3a6f3b6ea99e01401228aff3e81b01a8da2e117366718effdc829c01b20
aarch64	mod_ssl-2.4.37-65.module_el8.10.0+3874+c2064c23.2.aarch64.rpm	cce4315fe899723961599556295a0929868ca960c558a22c1bdeccd796e20f06
aarch64	mod_ldap-2.4.37-65.module_el8.10.0+3874+c2064c23.2.aarch64.rpm	d97b7d4ace8dcb343ce67c684e0981a2bc65cc8141c102ff8c00feb0c31caed1
noarch	httpd-manual-2.4.37-65.module_el8.10.0+3874+c2064c23.2.noarch.rpm	f2b27c53bc1f7f073ba47fe22dcfde3e061c987d48340d51fd74969730b74fac
noarch	httpd-filesystem-2.4.37-65.module_el8.10.0+3874+c2064c23.2.noarch.rpm	f7e7c6f6ffef0871b2a4628289b284ca0b308bd5a82f077c4a1638be7490d18d
ppc64le	mod_md-2.0.8-8.module_el8.6.0+2872+fe0ff7aa.ppc64le.rpm	1a26f7d2af339e6769c26359dbdc9aa33083ab2b7d43c69c006dfafb57b05ac6
ppc64le	httpd-2.4.37-65.module_el8.10.0+3874+c2064c23.2.ppc64le.rpm	1dc39bd2f3fc8b5164393134d8af2f3a7d3f401fb449f6fb7c2897f9a8481191
ppc64le	mod_ssl-2.4.37-65.module_el8.10.0+3874+c2064c23.2.ppc64le.rpm	2dd9349280c1398f9c3993acebecf9801b4786c07248e89990291aa7e97c4243
ppc64le	httpd-devel-2.4.37-65.module_el8.10.0+3874+c2064c23.2.ppc64le.rpm	37a5f54a1e7dbec20e3b6d0095f7cd510e0c4f6ef650d987e56152b5f7205384
ppc64le	mod_session-2.4.37-65.module_el8.10.0+3874+c2064c23.2.ppc64le.rpm	646854651afc11d6fea0b51c2c95bd8cc37a65fa50861fa256c69415dca7e694
ppc64le	mod_ldap-2.4.37-65.module_el8.10.0+3874+c2064c23.2.ppc64le.rpm	78338e7e583c9e5e18b85a5c3de72d53a015d3164a27fe2ad9e582cdf9c8106c
ppc64le	mod_proxy_html-2.4.37-65.module_el8.10.0+3874+c2064c23.2.ppc64le.rpm	c87680f8bdea101f51bff85c7df18a202f43375d7d66dd499e6d2920e3ee5412
ppc64le	mod_http2-1.15.7-10.module_el8.10.0+3872+9b8ab21e.ppc64le.rpm	dff474eac3e8048bce3b6b03189ddd1ac67be0e77d072abec6db8cc8e79c419e
ppc64le	httpd-tools-2.4.37-65.module_el8.10.0+3874+c2064c23.2.ppc64le.rpm	fef31bc773e711769da7b6fb6861a5c2a31204fd4e9534136e05d81a83ec3e6e
s390x	mod_proxy_html-2.4.37-65.module_el8.10.0+3874+c2064c23.2.s390x.rpm	2350e742de672e43b5c4aa04048e1e4a4bbad756492c50aa9679fb33444f684c
s390x	mod_session-2.4.37-65.module_el8.10.0+3874+c2064c23.2.s390x.rpm	2d0dd047c3d2e63e2f6216dab451d4267146f0de2a21e72fb4bfb2a00da82f09
s390x	httpd-tools-2.4.37-65.module_el8.10.0+3874+c2064c23.2.s390x.rpm	61397291f27469cdc884b991df3db8329bea05c5edc67f369cb4192c296767eb
s390x	httpd-devel-2.4.37-65.module_el8.10.0+3874+c2064c23.2.s390x.rpm	81a745fa58ea29409a58408f237066c31cf406fddc598960d952f4e2b390d3ed
s390x	mod_ldap-2.4.37-65.module_el8.10.0+3874+c2064c23.2.s390x.rpm	9d606975e2f97c687b0d13feac8913be2be382bd1c9787dc88de22338aee507e
s390x	mod_ssl-2.4.37-65.module_el8.10.0+3874+c2064c23.2.s390x.rpm	c93f12e9ddbacfc7a8179d32d59a468769d5c5c015c1521f376a15adf2b71c25
s390x	mod_http2-1.15.7-10.module_el8.10.0+3832+564e7653.s390x.rpm	ced86530fe3d6ef0042ef1f6483b8f83f8e28834e2495e5368934e8c1ffcf36c
s390x	mod_md-2.0.8-8.module_el8.6.0+3031+fb177b09.s390x.rpm	e47754aea99df8718074dd3d1df288b448b0af9d0ba4f0f8c6a3b5c8a164a1a7
s390x	httpd-2.4.37-65.module_el8.10.0+3874+c2064c23.2.s390x.rpm	fbc402db36370be4018238cee2efc996675df8b890bbd37fa8c069c108ad7e2d
x86_64	mod_ssl-2.4.37-65.module_el8.10.0+3874+c2064c23.2.x86_64.rpm	0446b44a8e501691dc741a6492bb82d3e3f49e5f4501c7fffe2882880c53b755
x86_64	mod_md-2.0.8-8.module_el8.6.0+2872+fe0ff7aa.x86_64.rpm	3b1e101e6a9192ff94ee4d007aff494cf5631948586568da7a1c6ac1255c8a68
x86_64	httpd-2.4.37-65.module_el8.10.0+3874+c2064c23.2.x86_64.rpm	431b47ee4bbe31e0bce411a2ae8b718047904d8346b0507993af607a23412b00
x86_64	httpd-devel-2.4.37-65.module_el8.10.0+3874+c2064c23.2.x86_64.rpm	4aa470a8a180d7082cb04e43185a284cddc40ff4a662389900f51ad4b22db102
x86_64	mod_ldap-2.4.37-65.module_el8.10.0+3874+c2064c23.2.x86_64.rpm	56f2a855301c3f5189bad5e80b5bfc9ed9f37bd62684cb20ae1071900777b737
x86_64	httpd-tools-2.4.37-65.module_el8.10.0+3874+c2064c23.2.x86_64.rpm	6921c8d79e724bea4060fa8db6621a8a8553bd8c842ea532ea41806b39352df6
x86_64	mod_http2-1.15.7-10.module_el8.10.0+3872+9b8ab21e.x86_64.rpm	8e32e41596955dd321b9f7b9954279da09fdc16cf0853aaeaa5eeb7faf1438a7
x86_64	mod_proxy_html-2.4.37-65.module_el8.10.0+3874+c2064c23.2.x86_64.rpm	b34f663bb284446f9503107bb95d2b2a5b4a37412ae9588cc85c45e20eca8695
x86_64	mod_session-2.4.37-65.module_el8.10.0+3874+c2064c23.2.x86_64.rpm	f67c49b1275419220a74a42879d818e0575d07649e368ce5edbd9b13d68a40be

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.