[ALSA-2026:22551] Moderate: mod_http2 security update
Type:
security
Severity:
moderate
Release date:
2026-06-04
Description:
The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers. Security Fix(es): * httpd: Apache HTTP Server: HTTP/2 DoS by Memory Increase (CVE-2025-53020) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 mod_http2-2.0.26-6.el9_8.aarch64.rpm 732ea6fc89da8fdb258a5008c4852b4dd1b992f6146b5ea66640ad0ec864869c
ppc64le mod_http2-2.0.26-6.el9_8.ppc64le.rpm 3f03f6643385f565fa560d8fb4c21828c2b69045404077f1e2b71cda4611e0db
s390x mod_http2-2.0.26-6.el9_8.s390x.rpm da4f286940e3c0017c7bed2d8dcaa4ee2ffdcd38d6a5ff02b3a633b8ed3b21aa
x86_64 mod_http2-2.0.26-6.el9_8.x86_64.rpm 396f5cabbc85ac690e7a53fde092571e745eb4d14c956764f4d92966e0554ad6
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.