[ALSA-2024:2564] Moderate: mod_http2 security update
Type:
security
Severity:
moderate
Release date:
2024-05-07
Description:
The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers. Security Fix(es): * mod_http2: httpd: CONTINUATION frames DoS (CVE-2024-27316) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 mod_http2-2.0.26-2.el9_4.aarch64.rpm 41753a0e5ba37f4912781b4553688dbd51280904a2fd253e335e0e37bbae7ca3
ppc64le mod_http2-2.0.26-2.el9_4.ppc64le.rpm 74221c411f47872518d4a290be368ce7e7052e9b0573c3f798f1e5777db6e006
s390x mod_http2-2.0.26-2.el9_4.s390x.rpm 89e634276578f4902e9ec136a7938242c21d68b9f1d1f5ba879ab8931d4bd588
x86_64 mod_http2-2.0.26-2.el9_4.x86_64.rpm ea8f4448f1942a2f46e0346836c962c24c2066dcd3e5b06668e34faedc28814d
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.