[ALSA-2023:6403] Moderate: httpd and mod_http2 security, bug fix, and enhancement update
Type:
security
Severity:
moderate
Release date:
2023-11-14
Description:
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. The following packages have been upgraded to a later upstream version: httpd (2.4.57). (BZ#2184403) Security Fix(es): * httpd: mod_proxy_uwsgi HTTP response splitting (CVE-2023-27522) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 httpd-devel-2.4.57-5.el9.aarch64.rpm 009605e077834fb3f1f12803fe04567e11e23c95a1afd52adf400fd23a81396d
aarch64 httpd-core-2.4.57-5.el9.aarch64.rpm 04c2a9aa23511909a06b483730860fc78dd309a0b739e83ec1318051924a05f4
aarch64 mod_lua-2.4.57-5.el9.aarch64.rpm 0875ced8d57f59d7187851580755a3399b313af489c9c7b5876f567b0fc0f510
aarch64 httpd-2.4.57-5.el9.aarch64.rpm 11579b95f4694c1ccbf832b87f577c0b449ba4d963444a29a22d1ef45330001f
aarch64 mod_session-2.4.57-5.el9.aarch64.rpm 26bd74c149f3645d1700164711899cbd6bf0e1c3c4462de927c75764733fd247
aarch64 mod_ssl-2.4.57-5.el9.aarch64.rpm 311ec25634006dd16df81a2697aff35a8b9425dd6b50d8138f62d3265e8bf746
aarch64 mod_ldap-2.4.57-5.el9.aarch64.rpm 8c09120b48081fc8d9014b764bb8b6053d06a96aa46f3dc21afb74d6bc0caa7d
aarch64 mod_proxy_html-2.4.57-5.el9.aarch64.rpm c2d9725dcc3babfa03aff076bb5898a6e4ce909390c55d7125126a968911e841
aarch64 httpd-tools-2.4.57-5.el9.aarch64.rpm f0edcfec224de9de9d22958faefca6bd6cd400fe1a84e1b7ef7f04665dc07184
noarch httpd-filesystem-2.4.57-5.el9.noarch.rpm 32e094505ffe7810a951b4ad337509c1d1dfda74acf8509405d2053e224a57e9
noarch httpd-manual-2.4.57-5.el9.noarch.rpm b242a56538be35818ce6fd9ce455c42ad770d5e54f8cc7c8d1b8d971b70f7972
ppc64le mod_ldap-2.4.57-5.el9.ppc64le.rpm 064cdf1af77db36b704dc86916fae6288c1b9fcf07c6f4be087ae462885469b9
ppc64le httpd-tools-2.4.57-5.el9.ppc64le.rpm 1b78627ce897ceb2fb4c8e9578191f936c7797755e7138455af41882bc9e692b
ppc64le mod_ssl-2.4.57-5.el9.ppc64le.rpm 2572465fff0e88ccd143b191a376fb6a9a72f3a43f0ed4a72474504ce3ee7881
ppc64le mod_session-2.4.57-5.el9.ppc64le.rpm 27ac6d63cf67df364230b042c4e75e129711bff636d503fbdf0b87f56a965161
ppc64le mod_proxy_html-2.4.57-5.el9.ppc64le.rpm 399ce64c2514d96e7024cb277213fff3b434184c65dde1949ad3834e5adcfd84
ppc64le mod_lua-2.4.57-5.el9.ppc64le.rpm 4a322b1057f527c37c0eccf329146e6a1c47b6514e461e1928f3b9706aac70d1
ppc64le httpd-2.4.57-5.el9.ppc64le.rpm 879f761be71361b7161e084db04d50107d4ad90ecbe79c54c7d811acb2f3e50d
ppc64le httpd-core-2.4.57-5.el9.ppc64le.rpm a863053d6fd612f4c9e2d4d8c2427ef7c804f7d49fb8391870856ea303c8b102
ppc64le httpd-devel-2.4.57-5.el9.ppc64le.rpm bdfe99811c32d175226c135ae5d856d76e81977edfe039cbae04767c422d4bec
s390x mod_session-2.4.57-5.el9.s390x.rpm 1f73c7083475a68f53369bb6038b22f24051e80b6b6e781baf1e9328a588fc1b
s390x httpd-devel-2.4.57-5.el9.s390x.rpm 43c9c5574009e43b8ba80d546f763c2cf83748a97b9e23b1ac19eb9aeecb2956
s390x mod_ssl-2.4.57-5.el9.s390x.rpm 4d36b621bd9d978b8b6daf6189320ee3a3ba9bd088456169735cd93fef4bf36b
s390x mod_lua-2.4.57-5.el9.s390x.rpm 69888c47bebd744947616b741906c02798b0177586e89028a2905e9219fa79a6
s390x httpd-core-2.4.57-5.el9.s390x.rpm 6b942da85b3278ca2aee2b5b046d07ae94d889f52691b95e3c4fb578e16b6561
s390x mod_proxy_html-2.4.57-5.el9.s390x.rpm 9c2f766d96d862ce35eaf3d972bfec059026012c74753fbfb3bf6d8ffb3f87f5
s390x httpd-tools-2.4.57-5.el9.s390x.rpm a582c16d641ecc3a42a1fafd3ac391d74f13bdb078c1e69f90822148cf39a4c1
s390x httpd-2.4.57-5.el9.s390x.rpm c2c127da2e5da4a4c8e5f369b4229736548b0a80e3b94e1a0944fa510ffbbdcc
s390x mod_ldap-2.4.57-5.el9.s390x.rpm e9937febf6e6d32819bd1ceb00a52bdd2586e668ded3690906d952823fcd5fec
x86_64 mod_ldap-2.4.57-5.el9.x86_64.rpm 0d8c8657c2732d08abfa2edeace6291cadace0a12063bd9fe3ed15916ce95897
x86_64 httpd-devel-2.4.57-5.el9.x86_64.rpm 3b798455d09121a9b1602c9be76df161b126bc36c3dbfce1104d4b35a3c7498e
x86_64 httpd-2.4.57-5.el9.x86_64.rpm 3d7ab3ddad3180cc315cda2df7e180925569a4847067132cd2daabd7d36b958c
x86_64 mod_proxy_html-2.4.57-5.el9.x86_64.rpm 5b7b7edb4c36dc0a1bfab4ae8c24cfd73d7820625c9ec38a6407e81b33234c23
x86_64 mod_session-2.4.57-5.el9.x86_64.rpm 68d55661acdb0eb07a762a2a38837f234c6277099da3cd6f887c1e019f6741a1
x86_64 mod_lua-2.4.57-5.el9.x86_64.rpm 901308d23d9d828ce7e1f13672eeb9859438338f6f54a17045f827b4c6926bd5
x86_64 mod_ssl-2.4.57-5.el9.x86_64.rpm de12c872a495793879ac3b0b94036ff36dbcb4be30dfa32961ec54aa3cfdaf10
x86_64 httpd-tools-2.4.57-5.el9.x86_64.rpm e2945015e7cfc2cba98f9dd10fd2cb264583f672dd56428f969863cd311c11fb
x86_64 httpd-core-2.4.57-5.el9.x86_64.rpm f9e8e748b676bbdc585e6361bf09e676c212e75f357819bcb343d1d92f0cc345
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.