Fedora 41: httpd 2.4.64 Critical Security Fixes CVE-2024-42516
fedora
October 16, 2025
New version 2.4.64 and security fixes
Summary
The Apache HTTP Server is a powerful, efficient, and extensible
web server.
Update Information:
New version 2.4.64 and security fixes
Topics Covered
Change Log
* Fri Jul 11 2025 Lubo\u0161 Uhliarik
References
[ 1 ] Bug #2379862 - CVE-2024-42516 httpd: incomplete fix for CVE-2023-38709 [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2379862
[ 2 ] Bug #2379864 - CVE-2024-43204 httpd: SSRF in Apache HTTP Server with mod_proxy loaded [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2379864
[ 3 ] Bug #2379866 - CVE-2024-47252 httpd: insufficient escaping of user-supplied data in mod_ssl [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2379866
[ 4 ] Bug #2379868 - CVE-2025-23048 httpd: access control bypass by trusted clients is possible using TLS 1.3 session resumption [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2379868
[ 5 ] Bug #2382578 - CVE-2025-49812 httpd: HTTP Session Hijack via a TLS upgrade [fedora-41]
https://bugzilla.redhat.com/show_bug.cgi?id=2382578
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-f94e6fe0b4' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: httpd
Product: Fedora 41
Version: 2.4.64
Release: 1.fc41
Summary: Apache HTTP Server
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!