Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Red Hat Enterprise Linux 4: RHSA-2007:0747-02 Moderate: Httpd Remote Crash

red hat
Calendar Grey November 15, 2007
Dist Redhat Esm H88
Ubuntu releases a significant update for nginx, focusing on patches and optimizations aimed at boosting performance and enhancing security measures.
Updated httpd packages that fix a security issue, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 4

Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bug IDs fixed (http://bugzilla.redhat.com/):

173467 - windowsupdate.microsoft.com does not work with mod_proxy 197915 - %>s incorrectly logs status code as 70007 - default handler returns output filter apr_status_t value 233254 - mod_proxy not handling percent chars in URLs correctly 240022 - Mod_proxy_http ProxyErrorOverride eating cookies 241407 - logrotate.d/httpd postrotate must use initscripts 242920 - Reverse Proxy Unexpected Timeout 248696 - Identify httpd version to configuration 250731 - CVE-2007-3847 httpd out of bounds read

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS: 30f125952a08e957d2f346c30ef7e7e7 httpd-2.0.52-38.ent.src.rpm

i386: f95b69b489d295ef96739a29757f55f2 httpd-2.0.52-38.ent.i386.rpm 42d59887a92689c9f81ff10cf626793d httpd-debuginfo-2.0.52-38.ent.i386.rpm f2fff3fd377adc85d0bed311e2e0f45c httpd-devel-2.0.52-38.ent.i386.rpm af796b5d498e912c27879906f0d7b9a1 httpd-manual-2.0.52-38.ent.i386.rpm 22c3deae4f0d49aa0051df04ce787de4 httpd-suexec-2.0.52-38.ent.i386.rpm 098b7c0ec963fd46a9db7aa43c7641a7 mod_ssl-2.0.52-38.ent.i386.rpm

ia64: cdce256cd1151d5d3e6b4bc7b8e52780 httpd-2.0.52-38.ent.ia64.rpm 0f15a50cebaf5efbc523419eee3e4f18 httpd-debuginfo-2.0.52-38.ent.ia64.rpm 405b21207461558c006ae8536cd27ef4 httpd-devel-2.0.52-38.ent.ia64.rpm e94df07dab0db9d976c7970e6ced9583 httpd-manual-2.0.52-38.ent.ia64.rpm 75646a0496eda2196eff7529f983c538 httpd-suexec-2.0.52-38.ent.ia64.rpm 58ab32351e3ecf0e0fd93d1ea4d86c85 mod_ssl-2.0.52-38.ent.ia64.rpm

ppc: e210ee818047bab954d1edd66f5b6a86 httpd-2.0.52-38.ent.ppc.rpm fd817e6b5cc96496bc567201ef8a8572 httpd-debuginfo-2.0.52-38.ent.ppc.rpm 79ebbe88ca05c2118bc170597b47ec66 httpd-devel-2.0.52-38.ent.ppc.rpm 64edf3e07c9b4c44e25c3b32cdd2c7a6 httpd-manual-2.0.52-38.ent.ppc.rpm 59434fe63aaa50b78081328a42d0a3cb httpd-suexec-2.0.52-38.ent.ppc.rpm 7b1aa9ff784abc0505463a51c7cc7a3e mod_ssl-2.0.52-38.ent.ppc.rpm

s390: 8e051d2f7eb66e09b656b9027aa4107a httpd-2.0.52-38.ent.s390.rpm e0b951a481fd759b9ab800c9b9cf11fb httpd-debuginfo-2.0.52-38.ent.s390.rpm 2b70fcfe40d17f7cd8ef27dade54bb3e httpd-devel-2.0.52-38.ent.s390.rpm 4ec9ca1ba9713993fed46a7eaba5a0a3 httpd-manual-2.0.52-38.ent.s390.rpm a2e67e1c60caa12e64614bf6d159d95f httpd-suexec-2.0.52-38.ent.s390.rpm 0853b38c906c53890871865dd4023aef mod_ssl-2.0.52-38.ent.s390.rpm

s390x: f8e62317f8fdfb09d3c31be388bd5d12 httpd-2.0.52-38.ent.s390x.rpm ba701e454dc885d7f3f775f70e1c7752 httpd-debuginfo-2.0.52-38.ent.s390x.rpm c9cdf84dfd5066a7d6d8752c160ecdc0 httpd-devel-2.0.52-38.ent.s390x.rpm b93c030074049ca4cd7a1f46c0f14485 httpd-manual-2.0.52-38.ent.s390x.rpm c4b00eefd718d03c324a4d6cd4ceb82a httpd-suexec-2.0.52-38.ent.s390x.rpm f2e5fffbceb41ba8921789b84454164c mod_ssl-2.0.52-38.ent.s390x.rpm

x86_64: 55c8b892978b926e42afd60af24b3749 httpd-2.0.52-38.ent.x86_64.rpm 6b4d6a9e4fd6c159596891743d0ccfe0 httpd-debuginfo-2.0.52-38.ent.x86_64.rpm cc62fc81c664900fd66a4b25f30d1046 httpd-devel-2.0.52-38.ent.x86_64.rpm 2574c6993386378b9dd9c1f033c0830f httpd-manual-2.0.52-38.ent.x86_64.rpm c901932e63e90f060a13bcaff5dbe665 httpd-suexec-2.0.52-38.ent.x86_64.rpm d5abe5155f7e86d6c3551358da6659e9 mod_ssl-2.0.52-38.ent.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS: 30f125952a08e957d2f346c30ef7e7e7 httpd-2.0.52-38.ent.src.rpm

i386: f95b69b489d295ef96739a29757f55f2 httpd-2.0.52-38.ent.i386.rpm 42d59887a92689c9f81ff10cf626793d httpd-debuginfo-2.0.52-38.ent.i386.rpm f2fff3fd377adc85d0bed311e2e0f45c httpd-devel-2.0.52-38.ent.i386.rpm af796b5d498e912c27879906f0d7b9a1 httpd-manual-2.0.52-38.ent.i386.rpm 22c3deae4f0d49aa0051df04ce787de4 httpd-suexec-2.0.52-38.ent.i386.rpm 098b7c0ec963fd46a9db7aa43c7641a7 mod_ssl-2.0.52-38.ent.i386.rpm

x86_64: 55c8b892978b926e42afd60af24b3749 httpd-2.0.52-38.ent.x86_64.rpm 6b4d6a9e4fd6c159596891743d0ccfe0 httpd-debuginfo-2.0.52-38.ent.x86_64.rpm cc62fc81c664900fd66a4b25f30d1046 httpd-devel-2.0.52-38.ent.x86_64.rpm 2574c6993386378b9dd9c1f033c0830f httpd-manual-2.0.52-38.ent.x86_64.rpm c901932e63e90f060a13bcaff5dbe665 httpd-suexec-2.0.52-38.ent.x86_64.rpm d5abe5155f7e86d6c3551358da6659e9 mod_ssl-2.0.52-38.ent.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS: 30f125952a08e957d2f346c30ef7e7e7 httpd-2.0.52-38.ent.src.rpm

i386: f95b69b489d295ef96739a29757f55f2 httpd-2.0.52-38.ent.i386.rpm 42d59887a92689c9f81ff10cf626793d httpd-debuginfo-2.0.52-38.ent.i386.rpm f2fff3fd377adc85d0bed311e2e0f45c httpd-devel-2.0.52-38.ent.i386.rpm af796b5d498e912c27879906f0d7b9a1 httpd-manual-2.0.52-38.ent.i386.rpm 22c3deae4f0d49aa0051df04ce787de4 httpd-suexec-2.0.52-38.ent.i386.rpm 098b7c0ec963fd46a9db7aa43c7641a7 mod_ssl-2.0.52-38.ent.i386.rpm

ia64: cdce256cd1151d5d3e6b4bc7b8e52780 httpd-2.0.52-38.ent.ia64.rpm 0f15a50cebaf5efbc523419eee3e4f18 httpd-debuginfo-2.0.52-38.ent.ia64.rpm 405b21207461558c006ae8536cd27ef4 httpd-devel-2.0.52-38.ent.ia64.rpm e94df07dab0db9d976c7970e6ced9583 httpd-manual-2.0.52-38.ent.ia64.rpm 75646a0496eda2196eff7529f983c538 httpd-suexec-2.0.52-38.ent.ia64.rpm 58ab32351e3ecf0e0fd93d1ea4d86c85 mod_ssl-2.0.52-38.ent.ia64.rpm

x86_64: 55c8b892978b926e42afd60af24b3749 httpd-2.0.52-38.ent.x86_64.rpm 6b4d6a9e4fd6c159596891743d0ccfe0 httpd-debuginfo-2.0.52-38.ent.x86_64.rpm cc62fc81c664900fd66a4b25f30d1046 httpd-devel-2.0.52-38.ent.x86_64.rpm 2574c6993386378b9dd9c1f033c0830f httpd-manual-2.0.52-38.ent.x86_64.rpm c901932e63e90f060a13bcaff5dbe665 httpd-suexec-2.0.52-38.ent.x86_64.rpm d5abe5155f7e86d6c3551358da6659e9 mod_ssl-2.0.52-38.ent.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS: 30f125952a08e957d2f346c30ef7e7e7 httpd-2.0.52-38.ent.src.rpm

i386: f95b69b489d295ef96739a29757f55f2 httpd-2.0.52-38.ent.i386.rpm 42d59887a92689c9f81ff10cf626793d httpd-debuginfo-2.0.52-38.ent.i386.rpm f2fff3fd377adc85d0bed311e2e0f45c httpd-devel-2.0.52-38.ent.i386.rpm af796b5d498e912c27879906f0d7b9a1 httpd-manual-2.0.52-38.ent.i386.rpm 22c3deae4f0d49aa0051df04ce787de4 httpd-suexec-2.0.52-38.ent.i386.rpm 098b7c0ec963fd46a9db7aa43c7641a7 mod_ssl-2.0.52-38.ent.i386.rpm

ia64: cdce256cd1151d5d3e6b4bc7b8e52780 httpd-2.0.52-38.ent.ia64.rpm 0f15a50cebaf5efbc523419eee3e4f18 httpd-debuginfo-2.0.52-38.ent.ia64.rpm 405b21207461558c006ae8536cd27ef4 httpd-devel-2.0.52-38.ent.ia64.rpm e94df07dab0db9d976c7970e6ced9583 httpd-manual-2.0.52-38.ent.ia64.rpm 75646a0496eda2196eff7529f983c538 httpd-suexec-2.0.52-38.ent.ia64.rpm 58ab32351e3ecf0e0fd93d1ea4d86c85 mod_ssl-2.0.52-38.ent.ia64.rpm

x86_64: 55c8b892978b926e42afd60af24b3749 httpd-2.0.52-38.ent.x86_64.rpm 6b4d6a9e4fd6c159596891743d0ccfe0 httpd-debuginfo-2.0.52-38.ent.x86_64.rpm cc62fc81c664900fd66a4b25f30d1046 httpd-devel-2.0.52-38.ent.x86_64.rpm 2574c6993386378b9dd9c1f033c0830f httpd-manual-2.0.52-38.ent.x86_64.rpm c901932e63e90f060a13bcaff5dbe665 httpd-suexec-2.0.52-38.ent.x86_64.rpm d5abe5155f7e86d6c3551358da6659e9 mod_ssl-2.0.52-38.ent.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

Summary

References

https://www.cve.org/CVERecord?id=CVE-2007-3847 https://access.redhat.com/security/updates/classification#moderate

Package List


Advisory ID: RHSA-2007:0747-02
Issue date: 2007-11-15
Updated on: 2007-11-15
Product: Red Hat Enterprise Linux

Topic

Relevant Releases Architectures

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64

Red Hat Enterprise Linux Desktop version 4 - i386, x86_64

Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64

Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here