[ALSA-2024:1872] Important: mod_http2 security update
Type:
security
Severity:
important
Release date:
2024-04-18
Description:
The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers. Security Fix(es): * httpd: CONTINUATION frames DoS (CVE-2024-27316) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 mod_http2-1.15.19-5.el9_3.1.aarch64.rpm 706fd79cb479b297c02765feb03028a5c9f288275e7e3e8ee2fe80eb707c7963
ppc64le mod_http2-1.15.19-5.el9_3.1.ppc64le.rpm be0a2f09a7c87794a302ff87cb6c465c77b147b7858a28337d9409a087f4f7f0
s390x mod_http2-1.15.19-5.el9_3.1.s390x.rpm 659290b0856ae14a2662d3fa60ea08e0763b0e7de5a2400afa48844af12fffa3
x86_64 mod_http2-1.15.19-5.el9_3.1.x86_64.rpm eb8ea2f7f3146b030a2668a97b60b34d4c2990ca7508d2a18b323dc2c0670f49
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.