ALSA-2024:9306

[ALSA-2024:9306] Moderate: httpd security update

Type:

security

Severity:

moderate

Release date:

2024-11-18

Description:

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.  

Security Fix(es):  

  * httpd: HTTP response splitting (CVE-2023-38709)
  * httpd: HTTP Response Splitting in multiple modules (CVE-2024-24795)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.  

Additional Changes:  

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	mod_proxy_html-2.4.62-1.el9.aarch64.rpm	0910efd4e5f1952ccfc7f812515f90c4d5bee2277951515a3c2e905e6df64973
aarch64	mod_ldap-2.4.62-1.el9.aarch64.rpm	356c5b294c436023aab638ec3ed77d1ce1e7cb89bec52229d9e8d222016da437
aarch64	mod_session-2.4.62-1.el9.aarch64.rpm	36a8b5d225ffedc1700462a6d164b6f945b28717534e8234a54fe168a55dee1d
aarch64	mod_ssl-2.4.62-1.el9.aarch64.rpm	37f65e4af33de40f2615fe24ec04970301dc5c2fb93a1cd6aee6c28b7ceb52be
aarch64	httpd-core-2.4.62-1.el9.aarch64.rpm	6562874ff94abe084c951d01a28fc6bcbe79bccaeb5811750638a9710cd2aabe
aarch64	httpd-2.4.62-1.el9.aarch64.rpm	6e6cfbaa0dc0463bfa21a1412985ecb3c2ca202ff2ce22fd4759af532ab3ad9e
aarch64	httpd-tools-2.4.62-1.el9.aarch64.rpm	aed00d20c85268005faf1aecb59e89d26696a53590490ba24727c59992d82f99
aarch64	mod_lua-2.4.62-1.el9.aarch64.rpm	f36b7d4ad557a8c400bd8aae23bc6702ebb1435adba22f76bb1185dbe96224ce
aarch64	httpd-devel-2.4.62-1.el9.aarch64.rpm	faeafd32fe7e61b23335e08c79a889b968668dbd2b47e8013882a712f47ddf1a
noarch	httpd-filesystem-2.4.62-1.el9.noarch.rpm	14b18c5f70ad9bd24012ee959564c824985ebe6d0e5abb47ced6455fa438441e
noarch	httpd-manual-2.4.62-1.el9.noarch.rpm	c8c388c7362b7ad90badd642815c9082f038f080d85d1564d1d4dd206949e51f
ppc64le	mod_proxy_html-2.4.62-1.el9.ppc64le.rpm	009dbbcda7f9baa7da066c86fbf7aa261e591265ae23dc016caf0d53f7696b09
ppc64le	mod_ssl-2.4.62-1.el9.ppc64le.rpm	0b743a2c05bd04f704d91d9d9ae7321b373e4a53fd1cc3d0a81644a2df5702c9
ppc64le	httpd-tools-2.4.62-1.el9.ppc64le.rpm	2e59fdf8bbeefb575864c6028dd71f3544749a57d3e0a803ce0a506e289717a8
ppc64le	httpd-devel-2.4.62-1.el9.ppc64le.rpm	2f86f754b0b19be1d425a1984c6691da6d71a379708c912607efe72895b63fc6
ppc64le	mod_lua-2.4.62-1.el9.ppc64le.rpm	562786e94514ca48ffad73a35080698765ef39edebf6d2bf0f77016c887bdaf3
ppc64le	httpd-core-2.4.62-1.el9.ppc64le.rpm	6286b07957db3de757c7f9c6ccc69a7c2cfa6c1befb99162e0a0cf33e172c058
ppc64le	mod_session-2.4.62-1.el9.ppc64le.rpm	6fab17f4e01365d70fcf3184f6e7355613a6d5100171f51057477867df75a0ff
ppc64le	mod_ldap-2.4.62-1.el9.ppc64le.rpm	b101d416b6ab4d32192814de7f9ebac4f04813f06170ebb1688b9bec5313d9f9
ppc64le	httpd-2.4.62-1.el9.ppc64le.rpm	baadb6619c893dc7e9e35793c9f4872a3427a118cbaabb4321f1a98a0c863ba0
s390x	httpd-tools-2.4.62-1.el9.s390x.rpm	2c3f4bc5bc6a88cfd801189cd86625146fc4c223ec206772c853a9ef5ee3df3b
s390x	mod_ssl-2.4.62-1.el9.s390x.rpm	5e31ab4169e307a0d84f30a755792abb6eb7572270d0823ae9b16df62f009fd3
s390x	mod_session-2.4.62-1.el9.s390x.rpm	702665e138b10afaf2da48db46c3c1d3c3476201ff6c700ca793fb138236a8cd
s390x	httpd-devel-2.4.62-1.el9.s390x.rpm	b0dc4af494e99f2af7fef1e1627fcaa2a33051ae3c98510a4f4526ccd8fa4bc5
s390x	httpd-core-2.4.62-1.el9.s390x.rpm	c88c3b8e4007682ae7cd3e49c6e1a77019a4f52845db9e6a84182b2c23e4a641
s390x	mod_proxy_html-2.4.62-1.el9.s390x.rpm	ce0985654b00e5487e0bece93b6d707a04b3b583002f5d85c452327d184eb51b
s390x	httpd-2.4.62-1.el9.s390x.rpm	d380924b4e07df6b598ba05e1ce3758ce7764dcccaedbc9097922ea82aeb8754
s390x	mod_ldap-2.4.62-1.el9.s390x.rpm	edcf47163cda4cdc985892d848c04be3a6e6130cf459ff3894d041ef312a6c83
s390x	mod_lua-2.4.62-1.el9.s390x.rpm	f49bd5f72e0f023735327ddedfdcf9c189d46d85aaaf423f3c6eb276c72fbe7b
x86_64	httpd-devel-2.4.62-1.el9.x86_64.rpm	05aef110117b43a5b386a61085270e0e0bb6d4d32a5a340926afa891f0abd213
x86_64	mod_ldap-2.4.62-1.el9.x86_64.rpm	2eeb32e070788394eef1b497d74f475fe166c7278ce167d5ebcdfe0bcb5edce9
x86_64	mod_ssl-2.4.62-1.el9.x86_64.rpm	2f81d7ca87175c02c3bd09410fd4031c85a329a33868933795f3979b5b96a2c4
x86_64	httpd-2.4.62-1.el9.x86_64.rpm	408a62625fe4cec688fa2aaac04e35ef8fdb1026741186b0245e43fea0ee8a2b
x86_64	mod_proxy_html-2.4.62-1.el9.x86_64.rpm	483c4daa798ac2b29d4a3a2ffc0c3979b53ea49853aa8aa7c65b50759e57df34
x86_64	httpd-tools-2.4.62-1.el9.x86_64.rpm	51d2760e366f7c06cd8e285a3a15602b7997c02d559bdc49cb74ba72ed6aef1c
x86_64	httpd-core-2.4.62-1.el9.x86_64.rpm	81924934eb7032822bf955154b4fa9eae32b16e991be5caefd3bd634edae61bb
x86_64	mod_session-2.4.62-1.el9.x86_64.rpm	90a3d6de5088745e7dcf09ba51780124eea81fd417a21b214c713c854e28af7a
x86_64	mod_lua-2.4.62-1.el9.x86_64.rpm	afed14e9ae3c032302d7e759a1cca7ceba17cc8278d9a580bfa1f6404d592eb8

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.