[ALSA-2024:4726] Important: httpd security update
Type:
security
Severity:
important
Release date:
2024-07-23
Description:
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): * httpd: Improper escaping of output in mod_rewrite (CVE-2024-38475) * httpd: Substitution encoding issue in mod_rewrite (CVE-2024-38474) * httpd: null pointer dereference in mod_proxy (CVE-2024-38477) * httpd: Potential SSRF in mod_rewrite (CVE-2024-39573) * httpd: Encoding problem in mod_proxy (CVE-2024-38473) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 mod_proxy_html-2.4.57-11.el9_4.aarch64.rpm 098fa0b19573375e5c4379221a872688ff15e5e37b5d4d01a0d05de81ab80c59
aarch64 mod_session-2.4.57-11.el9_4.aarch64.rpm 463a56f416017d53538f9f00272e8690989553e3fac25588cd706f4396d91504
aarch64 httpd-devel-2.4.57-11.el9_4.aarch64.rpm 525a13d7f34f8ef76032539bbdbb166adbc303e8c5e1a33514981515901b182c
aarch64 httpd-core-2.4.57-11.el9_4.aarch64.rpm 525a3f8725f0c3456f19ab9182890a37de4f8d7f4f3c0f011a68a895a66bb6e6
aarch64 mod_lua-2.4.57-11.el9_4.aarch64.rpm 94ff3d363f5a0d2cde3e42359ae686538ee3149e4d59d79a9b3f056b3023e24a
aarch64 httpd-2.4.57-11.el9_4.aarch64.rpm b688dd38cdc44b77ad69c46890e38730758692c6cc129a04cfeb36d54f447e03
aarch64 mod_ldap-2.4.57-11.el9_4.aarch64.rpm bc77148dab8d5d3d3826ddb50de65abb68254ea15e06ae2cce72a4b01a145c6b
aarch64 mod_ssl-2.4.57-11.el9_4.aarch64.rpm f2e32f2df66e7603b3deb3310aab2934a5b6a546bbddca086d17689d3a6368d8
aarch64 httpd-tools-2.4.57-11.el9_4.aarch64.rpm fe471abc1df59120c24d3f98d73d7824c5ea20606e347464e797074e8429d5eb
noarch httpd-filesystem-2.4.57-11.el9_4.noarch.rpm 83c3fadfe9c92ba0d104583616b13b3807bad424b82edbb30814263953b71361
noarch httpd-manual-2.4.57-11.el9_4.noarch.rpm bafdbbd696cea4482b92bfbd18bfa476e362601fce71b5d4c83d4a97243c9a00
ppc64le mod_ssl-2.4.57-11.el9_4.ppc64le.rpm 174d5aa9bf43413e1c36925506cbe125ce1bb0c0682e9006d55605e3869bcc81
ppc64le mod_ldap-2.4.57-11.el9_4.ppc64le.rpm 1a8b8a6104c16aca5bd3aa1051b51bc7c6e4765a265aa7248d2d11ed257779ca
ppc64le httpd-2.4.57-11.el9_4.ppc64le.rpm 20e8da189c7b5a6be6fdec6d2d87440937e8282d9bb61807eca5c6da07eab0e2
ppc64le httpd-tools-2.4.57-11.el9_4.ppc64le.rpm 2dbcd6421f0124e3e9b3d377ab78f82dcf74f849818340f62910467a85633a1f
ppc64le httpd-core-2.4.57-11.el9_4.ppc64le.rpm 7d1b02169b8eaf167ff4eb48ccb2769d31cd0c0bdd4bf0d9e4b84ec25d5a158a
ppc64le mod_session-2.4.57-11.el9_4.ppc64le.rpm 8badd6714e6710432330a9225a8ab0d5537be3e427bc45d83a5f064394aa1a3a
ppc64le mod_lua-2.4.57-11.el9_4.ppc64le.rpm bb94f0a5a6aa2e9c9b648c7847c42d72d2ffc9c09521588e7b0b64e7a6574d10
ppc64le mod_proxy_html-2.4.57-11.el9_4.ppc64le.rpm cdde2de13f06d66ab3fd01aa86e1039421baea64c82af4b71ed1654630539410
ppc64le httpd-devel-2.4.57-11.el9_4.ppc64le.rpm f3cb70924ea36b848c4353ad75cf8f8f36407a39342517f1e893385d1b44320c
s390x mod_ldap-2.4.57-11.el9_4.s390x.rpm 0e10f044b9e11d4a9c1e6b477d2e3a3b7b7895d344d2ed485d2040417c515979
s390x mod_proxy_html-2.4.57-11.el9_4.s390x.rpm 3d3a36d9fe6d3171b748b769a3a6f05516699a345a678a4168b5719288475ed5
s390x mod_session-2.4.57-11.el9_4.s390x.rpm 43f330227208e1f72de34f703cb23335a902771817cd2d7c6fccc842c2efb53a
s390x httpd-core-2.4.57-11.el9_4.s390x.rpm 6edbf9752888c2a52a85db7f12b50ad7900b626a31b9ababd3390fd9b313cf28
s390x mod_lua-2.4.57-11.el9_4.s390x.rpm 70c415bbe56c5f4872a34124d58c483f529a7296424d0e76563e2141516f74af
s390x httpd-devel-2.4.57-11.el9_4.s390x.rpm 891e34fb788f0162fe7013108efa21700a436f0050c33a238621984515c159e5
s390x httpd-tools-2.4.57-11.el9_4.s390x.rpm 94dfb4957c2009d7e0e1e29b75a15cfccc7ffbd1d1f17dbabc6c14f5cf85c1b1
s390x httpd-2.4.57-11.el9_4.s390x.rpm ac0a64acc41fce626a857f3217953eb9180a434016026f29c6ed31225e46270a
s390x mod_ssl-2.4.57-11.el9_4.s390x.rpm ad4a10a7f001cc31e1236230f32579eca80a467b55ba1c87195c9e09beb1994b
x86_64 mod_session-2.4.57-11.el9_4.x86_64.rpm 250f7c62247ec167fa6b4f5096a73724fc7f9f51e799265c3a0124f6a326276d
x86_64 mod_ldap-2.4.57-11.el9_4.x86_64.rpm 27a7a4705236ff8baf539ed0224d79b466f5b15d440eb42a3132a6dd9bb2d41b
x86_64 httpd-core-2.4.57-11.el9_4.x86_64.rpm 5bb63106699fb02aef078a64fc6ad5daaf614d329f438f4443288773c4df9833
x86_64 mod_proxy_html-2.4.57-11.el9_4.x86_64.rpm 695f1c1cdb89579903bb719441514a45124bc1a77a5a6333995612a42a6d68dd
x86_64 httpd-devel-2.4.57-11.el9_4.x86_64.rpm 790720a99311b44486690ee73362d6dcfc7f5c46e60ddb220730df720ec2b7bb
x86_64 httpd-tools-2.4.57-11.el9_4.x86_64.rpm 9e7e222dbb0207527eb5af9138639722186f705df6f2b182134ba86190f3cc32
x86_64 mod_ssl-2.4.57-11.el9_4.x86_64.rpm a6f800a601d5d54de8163301c166769cec6791158e6b42a8f402c7e020af1f8f
x86_64 mod_lua-2.4.57-11.el9_4.x86_64.rpm c93f4983b4ccdea823c0af66b3314e01eb2ee15d40480100e86bc536c35cf92f
x86_64 httpd-2.4.57-11.el9_4.x86_64.rpm e1cade6b99282d580eb450a8bc5a7ab49423bc615a883532d24ea4bf7be295a2
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.