Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Scientific Linux: SLSA-2019-2343-1 Moderate: httpd Access Control Fix

Calendar Aug 26, 2019 User Avatar LinuxSecurity Advisories
1 - 2 min read
Scientific Large Esm H500
Topics%20covered

Topics Covered

security advisory access control security fix httpd race condition bug update Scientific Linux
httpd: mod_auth_digest: access control bypass due to race condition (CVE-2019-0217) * httpd: URL normalization inconsistency (CVE-2019-0220) SL7 x86_64 httpd-tools-2.4.6-90.el7.x86_64.rpm mod_ssl-2.4.6-90.el7.x86_64.rpm httpd-devel-2.4.6-90.el7.x86_64.rpm httpd-manual-2.4.6-90.el7.noarch.rpm httpd-2.4.6-90.el7.x86_64.rpm mod_session-2.4.6-90.el7.x86_64.rpm mod_p [More...] 
Synopsis: Moderate: httpd security and bug fix update
Advisory ID:       SLSA-2019:2343-1
Issue Date:        2019-08-06
CVE Numbers:       CVE-2019-0220
                   CVE-2019-0217
--

Security Fix(es):

* httpd: mod_auth_digest: access control bypass due to race condition
(CVE-2019-0217)

* httpd: URL normalization inconsistency (CVE-2019-0220)
--

SL7
  x86_64
    httpd-tools-2.4.6-90.el7.x86_64.rpm
    mod_ssl-2.4.6-90.el7.x86_64.rpm
    httpd-devel-2.4.6-90.el7.x86_64.rpm
    httpd-manual-2.4.6-90.el7.noarch.rpm
    httpd-2.4.6-90.el7.x86_64.rpm
    mod_session-2.4.6-90.el7.x86_64.rpm
    mod_proxy_html-2.4.6-90.el7.x86_64.rpm
    mod_ldap-2.4.6-90.el7.x86_64.rpm
    httpd-debuginfo-2.4.6-90.el7.x86_64.rpm
  noarch
    httpd-manual-2.4.6-90.el7.noarch.rpm

- Scientific Linux Development Team
Your message here