Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 8 articles for you...
172
security advisorysecurity issueupdateUbuntu 24.04 LTS USN-6729-3 Moderate: Apache2 HTTP Server DoS Threats
Several security issues were fixed in Apache HTTP Server.. ========================================================================== Ubuntu Security Notice USN-6729-3 April 29, 2024 apache2 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS Summary: Several security issues were fixed in Apache HTTP Server. Software Description: - apache2: Apache HTTP server Details: USN-6729-1 fixed vulnerabilities in Apache HTTP Server. This update provides the corresponding updates for Ubuntu 24.04 LTS. Original advisory details: Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. (CVE-2023-38709) Keran Mu and Jianjun Chen discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks. (CVE-2024-24795) Bartek Nowotarski discovered that the Apache HTTP Server HTTP/2 module incorrectly handled endless continuation frames. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service. (CVE-2024-27316) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS apache2 2.4.58-1ubuntu8.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6729-3 https://ubuntu.com/security/notices/USN-6729-1 CVE-2023-38709, CVE-2024-24795, CVE-2024-27316 Package Information: https://launchpad.net/ubuntu/+source/apache2/2.4.58-1ubuntu8.1 . Applied multiple security patches for Nginx on Ubuntu 24.04 LTS to resolve significant vulnerabilitiesimpacting overall security.. apache security update, ubuntu apache advisory, apache2 vulnerability fixes, web server security, ubuntu 24.04 apache. . LinuxSecurity.com Team
Apr 29, 2024
Ubuntu
98
security advisoryred hathttpdRed Hat: RHSA-2023-3292-01 Important: HTTP Request Splitting in httpd
An update for httpd24-httpd is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: httpd24-httpd security update Advisory ID: RHSA-2023:3292-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2023:3292 Issue date: 2023-05-24 CVE Names: CVE-2023-25690 ==================================================================== 1. Summary: An update for httpd24-httpd is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Software Collections for RHEL Workstation(v. 7) - noarch, ppc64le, s390x, x86_64 Red Hat Software Collections for RHEL(v. 7) - noarch, x86_64 3. Description: The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): * httpd: HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, the httpd daemon will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 2176209 - CVE-2023-25690 httpd: HTTP requestsplitting with mod_rewrite and mod_proxy 6. Package List: Red Hat Software Collections for RHEL Workstation(v. 7): Source: httpd24-httpd-2.4.34-23.el7.6.src.rpm noarch: httpd24-httpd-manual-2.4.34-23.el7.6.noarch.rpm ppc64le: httpd24-httpd-2.4.34-23.el7.6.ppc64le.rpm httpd24-httpd-debuginfo-2.4.34-23.el7.6.ppc64le.rpm httpd24-httpd-devel-2.4.34-23.el7.6.ppc64le.rpm httpd24-httpd-tools-2.4.34-23.el7.6.ppc64le.rpm httpd24-mod_ldap-2.4.34-23.el7.6.ppc64le.rpm httpd24-mod_proxy_html-2.4.34-23.el7.6.ppc64le.rpm httpd24-mod_session-2.4.34-23.el7.6.ppc64le.rpm httpd24-mod_ssl-2.4.34-23.el7.6.ppc64le.rpm s390x: httpd24-httpd-2.4.34-23.el7.6.s390x.rpm httpd24-httpd-debuginfo-2.4.34-23.el7.6.s390x.rpm httpd24-httpd-devel-2.4.34-23.el7.6.s390x.rpm httpd24-httpd-tools-2.4.34-23.el7.6.s390x.rpm httpd24-mod_ldap-2.4.34-23.el7.6.s390x.rpm httpd24-mod_proxy_html-2.4.34-23.el7.6.s390x.rpm httpd24-mod_session-2.4.34-23.el7.6.s390x.rpm httpd24-mod_ssl-2.4.34-23.el7.6.s390x.rpm x86_64: httpd24-httpd-2.4.34-23.el7.6.x86_64.rpm httpd24-httpd-debuginfo-2.4.34-23.el7.6.x86_64.rpm httpd24-httpd-devel-2.4.34-23.el7.6.x86_64.rpm httpd24-httpd-tools-2.4.34-23.el7.6.x86_64.rpm httpd24-mod_ldap-2.4.34-23.el7.6.x86_64.rpm httpd24-mod_proxy_html-2.4.34-23.el7.6.x86_64.rpm httpd24-mod_session-2.4.34-23.el7.6.x86_64.rpm httpd24-mod_ssl-2.4.34-23.el7.6.x86_64.rpm Red Hat Software Collections for RHEL(v. 7): Source: httpd24-httpd-2.4.34-23.el7.6.src.rpm noarch: httpd24-httpd-manual-2.4.34-23.el7.6.noarch.rpm x86_64: httpd24-httpd-2.4.34-23.el7.6.x86_64.rpm httpd24-httpd-debuginfo-2.4.34-23.el7.6.x86_64.rpm httpd24-httpd-devel-2.4.34-23.el7.6.x86_64.rpm httpd24-httpd-tools-2.4.34-23.el7.6.x86_64.rpm httpd24-mod_ldap-2.4.34-23.el7.6.x86_64.rpm httpd24-mod_proxy_html-2.4.34-23.el7.6.x86_64.rpm httpd24-mod_session-2.4.34-23.el7.6.x86_64.rpm httpd24-mod_ssl-2.4.34-23.el7.6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are availablefrom https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2023-25690 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBZG4bytzjgjWX9erEAQjooxAAnfJIC1C9nfYzAGzhhyRvvVNcyKRx/2Qw /qC3GjIL4P3QFKzRCCKKg9+zH6oDNm3bQm30zm6SEk11TM3s1w7vjXrmkG20ZTU5 0KhuoTmygj4CVu54reNyw4k5POYTYOEhpUAHHyIMAAanDbQk+esRZWFVTdJPG2gd 0Lqy+I8k4l+qmgMd9/LXSoggevw+2+msjNHIXxFxPxGDrBrPjdm78CSYc3xrRp0k IQVCEdhN5olQTNP+1dl89aQsEYQ6ck40XFrFdmnaU+o1e/IjPNFYJFIqkY1fFbud MVEjt7G/TnAt8LTzqcE2Rndnmv3FJErHBKAv4ilYVPT6ilg102OcPKfH6pWdn+aa 12UY6goTyFwkRBd+SG0OGFNa7Xtae1EXg5vDP4T7taV0jy2Gxo6MqepNnQHdM9Qh BzGjYoSyaDc7xuGnWXBJe3e1xmaCZCiD7nBwkKwpyQNlnylKBsaqSh6TKij8d/ux bws4ZMuaLayaS6h4P0huXvDiJfaUzHiRWXrqcGLyeufuPyUW/WiSaGe+OSfir6cO QVzuRYm52n3uYQxd0jr+EvsAChbeykPdkdfbK1GOqB+5y+QrDE7ZcXQquBg31ZiM gWJhYb7TIaXcKzO6HiWFmKCNB9emtMfFuz0+zSSezrwlsF4AQ/klA9echS3Aa3ft XDAn932FGwE=iA+d -----END PGP SIGNATURE----- -- RHSA-announce mailing list
May 24, 2023
•Important
Red Hat
98
security advisorysecurity updatehttpdRed Hat Enterprise Linux 9 RHSA-2023:1916-01 Important: Httpd Security Fix
An update for httpd and mod_http2 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: httpd and mod_http2 security update Advisory ID: RHSA-2023:1916-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:1916 Issue date: 2023-04-20 CVE Names: CVE-2023-25690 ==================================================================== 1. Summary: An update for httpd and mod_http2 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream EUS (v.9.0) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): * httpd: HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, the httpd daemon will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 2176209 - CVE-2023-25690 httpd: HTTP requestsplitting with mod_rewrite and mod_proxy 6. Package List: Red Hat Enterprise Linux AppStream EUS(v.9.0): Source: httpd-2.4.51-7.el9_0.4.src.rpm mod_http2-1.15.19-3.el9_0.5.src.rpm aarch64: httpd-2.4.51-7.el9_0.4.aarch64.rpm httpd-debuginfo-2.4.51-7.el9_0.4.aarch64.rpm httpd-debugsource-2.4.51-7.el9_0.4.aarch64.rpm httpd-devel-2.4.51-7.el9_0.4.aarch64.rpm httpd-tools-2.4.51-7.el9_0.4.aarch64.rpm httpd-tools-debuginfo-2.4.51-7.el9_0.4.aarch64.rpm mod_http2-1.15.19-3.el9_0.5.aarch64.rpm mod_http2-debuginfo-1.15.19-3.el9_0.5.aarch64.rpm mod_http2-debugsource-1.15.19-3.el9_0.5.aarch64.rpm mod_ldap-2.4.51-7.el9_0.4.aarch64.rpm mod_ldap-debuginfo-2.4.51-7.el9_0.4.aarch64.rpm mod_lua-2.4.51-7.el9_0.4.aarch64.rpm mod_lua-debuginfo-2.4.51-7.el9_0.4.aarch64.rpm mod_proxy_html-2.4.51-7.el9_0.4.aarch64.rpm mod_proxy_html-debuginfo-2.4.51-7.el9_0.4.aarch64.rpm mod_session-2.4.51-7.el9_0.4.aarch64.rpm mod_session-debuginfo-2.4.51-7.el9_0.4.aarch64.rpm mod_ssl-2.4.51-7.el9_0.4.aarch64.rpm mod_ssl-debuginfo-2.4.51-7.el9_0.4.aarch64.rpm noarch: httpd-filesystem-2.4.51-7.el9_0.4.noarch.rpm httpd-manual-2.4.51-7.el9_0.4.noarch.rpm ppc64le: httpd-2.4.51-7.el9_0.4.ppc64le.rpm httpd-debuginfo-2.4.51-7.el9_0.4.ppc64le.rpm httpd-debugsource-2.4.51-7.el9_0.4.ppc64le.rpm httpd-devel-2.4.51-7.el9_0.4.ppc64le.rpm httpd-tools-2.4.51-7.el9_0.4.ppc64le.rpm httpd-tools-debuginfo-2.4.51-7.el9_0.4.ppc64le.rpm mod_http2-1.15.19-3.el9_0.5.ppc64le.rpm mod_http2-debuginfo-1.15.19-3.el9_0.5.ppc64le.rpm mod_http2-debugsource-1.15.19-3.el9_0.5.ppc64le.rpm mod_ldap-2.4.51-7.el9_0.4.ppc64le.rpm mod_ldap-debuginfo-2.4.51-7.el9_0.4.ppc64le.rpm mod_lua-2.4.51-7.el9_0.4.ppc64le.rpm mod_lua-debuginfo-2.4.51-7.el9_0.4.ppc64le.rpm mod_proxy_html-2.4.51-7.el9_0.4.ppc64le.rpm mod_proxy_html-debuginfo-2.4.51-7.el9_0.4.ppc64le.rpm mod_session-2.4.51-7.el9_0.4.ppc64le.rpm mod_session-debuginfo-2.4.51-7.el9_0.4.ppc64le.rpm mod_ssl-2.4.51-7.el9_0.4.ppc64le.rpm mod_ssl-debuginfo-2.4.51-7.el9_0.4.ppc64le.rpm s390x: httpd-2.4.51-7.el9_0.4.s390x.rpm httpd-debuginfo-2.4.51-7.el9_0.4.s390x.rpm httpd-debugsource-2.4.51-7.el9_0.4.s390x.rpm httpd-devel-2.4.51-7.el9_0.4.s390x.rpm httpd-tools-2.4.51-7.el9_0.4.s390x.rpm httpd-tools-debuginfo-2.4.51-7.el9_0.4.s390x.rpm mod_http2-1.15.19-3.el9_0.5.s390x.rpm mod_http2-debuginfo-1.15.19-3.el9_0.5.s390x.rpm mod_http2-debugsource-1.15.19-3.el9_0.5.s390x.rpm mod_ldap-2.4.51-7.el9_0.4.s390x.rpm mod_ldap-debuginfo-2.4.51-7.el9_0.4.s390x.rpm mod_lua-2.4.51-7.el9_0.4.s390x.rpm mod_lua-debuginfo-2.4.51-7.el9_0.4.s390x.rpm mod_proxy_html-2.4.51-7.el9_0.4.s390x.rpm mod_proxy_html-debuginfo-2.4.51-7.el9_0.4.s390x.rpm mod_session-2.4.51-7.el9_0.4.s390x.rpm mod_session-debuginfo-2.4.51-7.el9_0.4.s390x.rpm mod_ssl-2.4.51-7.el9_0.4.s390x.rpm mod_ssl-debuginfo-2.4.51-7.el9_0.4.s390x.rpm x86_64: httpd-2.4.51-7.el9_0.4.x86_64.rpm httpd-debuginfo-2.4.51-7.el9_0.4.x86_64.rpm httpd-debugsource-2.4.51-7.el9_0.4.x86_64.rpm httpd-devel-2.4.51-7.el9_0.4.x86_64.rpm httpd-tools-2.4.51-7.el9_0.4.x86_64.rpm httpd-tools-debuginfo-2.4.51-7.el9_0.4.x86_64.rpm mod_http2-1.15.19-3.el9_0.5.x86_64.rpm mod_http2-debuginfo-1.15.19-3.el9_0.5.x86_64.rpm mod_http2-debugsource-1.15.19-3.el9_0.5.x86_64.rpm mod_ldap-2.4.51-7.el9_0.4.x86_64.rpm mod_ldap-debuginfo-2.4.51-7.el9_0.4.x86_64.rpm mod_lua-2.4.51-7.el9_0.4.x86_64.rpm mod_lua-debuginfo-2.4.51-7.el9_0.4.x86_64.rpm mod_proxy_html-2.4.51-7.el9_0.4.x86_64.rpm mod_proxy_html-debuginfo-2.4.51-7.el9_0.4.x86_64.rpm mod_session-2.4.51-7.el9_0.4.x86_64.rpm mod_session-debuginfo-2.4.51-7.el9_0.4.x86_64.rpm mod_ssl-2.4.51-7.el9_0.4.x86_64.rpm mod_ssl-debuginfo-2.4.51-7.el9_0.4.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2023-25690 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBZEGgoNzjgjWX9erEAQhLLg/6Aom/QnxDa3PEpD4Bjil+3AT4x6K6T0/d i4qyIgFHUcWTdGVQQU+oEMmMlEi9sJAl9EB8rGYQbPcjquqGWDZn7kbVJGeDaaZQ vZF/eQXybuCCc4WBBb9bM0jdWtGh4im7L5+sIO8XPD87yQAbf7R+04PfW5yua0I5 OkVELzaItgMsi9YBPLmzBDBTxPeSwKK9htWVGL0UhM3225uJCywddjfRL5xwQaLB +aLx+A3K2VP4Ve9/frnSKm4omkIkdUE7Nw1kA+2bseCq3OwDF+Fr5/A9RHsiEtfh FqPRp/uzUShM0UCzGfy9TATsIQjgGuGGxIFGWrjcYlKKUNJ+7Fs0KWGfZipXc2sv TzhPW0UXZx2bJUohBd06yYF4Ghr+z9jKWrhOEad4bsgjPf5fWhdMpxzOBPB9Cz4l 3UOTxEualVfOjUe2lKPlwYtItfFkY9kvgaQDTgOvbx15DUaw2rIsY6dWRWJsPfJw T3F+MKEvEnmbTU+n86d2XR2BP+8vAyDuJuJ+2ZEc1tUhcsXyUuMG8f7VynjP9hHm aRTWK2/2ugy8BfJfoUS/9cM3w6GF0zxyCkDme7txbUqUw89LIxhVBum2c3oUfmd6 ScfHYWRr0R9NxAXzgCjA7sX6HlVZSoIKhWFtegsADAS6yNVb+dBVavbfUYrRgrOE iuiNhsEFBV4=Ps2v -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Apr 20, 2023
•Important
Red Hat
98
security advisorysecurity fixRed Hat Enterprise LinuxRed Hat Enterprise Linux 8.2: RHSA-2023:1672-01 Critical: Httpd Request Splitting
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: httpd:2.4 security update Advisory ID: RHSA-2023:1672-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:1672 Issue date: 2023-04-06 CVE Names: CVE-2023-25690 ==================================================================== 1. Summary: An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream AUS (v. 8.2) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux AppStream E4S (v. 8.2) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux AppStream TUS (v. 8.2) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): * httpd: HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update,which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, the httpd daemon will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 2176209 - CVE-2023-25690 httpd: HTTP request splitting with mod_rewrite and mod_proxy 6. Package List: Red Hat Enterprise Linux AppStream AUS (v.8.2): Source: httpd-2.4.37-21.module+el8.2.0+18510+68528e70.6.src.rpm mod_http2-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.src.rpm mod_md-2.0.8-7.module+el8.2.0+5531+7e4d69a2.src.rpm aarch64: httpd-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm httpd-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm httpd-debugsource-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm httpd-devel-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm httpd-tools-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm httpd-tools-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_http2-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.aarch64.rpm mod_http2-debuginfo-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.aarch64.rpm mod_http2-debugsource-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.aarch64.rpm mod_ldap-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_ldap-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_md-2.0.8-7.module+el8.2.0+5531+7e4d69a2.aarch64.rpm mod_md-debuginfo-2.0.8-7.module+el8.2.0+5531+7e4d69a2.aarch64.rpm mod_md-debugsource-2.0.8-7.module+el8.2.0+5531+7e4d69a2.aarch64.rpm mod_proxy_html-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_proxy_html-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_session-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_session-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_ssl-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_ssl-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm noarch: httpd-filesystem-2.4.37-21.module+el8.2.0+18510+68528e70.6.noarch.rpm httpd-manual-2.4.37-21.module+el8.2.0+18510+68528e70.6.noarch.rpm ppc64le: httpd-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm httpd-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm httpd-debugsource-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm httpd-devel-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm httpd-tools-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm httpd-tools-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_http2-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.ppc64le.rpm mod_http2-debuginfo-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.ppc64le.rpm mod_http2-debugsource-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.ppc64le.rpm mod_ldap-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_ldap-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_md-2.0.8-7.module+el8.2.0+5531+7e4d69a2.ppc64le.rpm mod_md-debuginfo-2.0.8-7.module+el8.2.0+5531+7e4d69a2.ppc64le.rpm mod_md-debugsource-2.0.8-7.module+el8.2.0+5531+7e4d69a2.ppc64le.rpm mod_proxy_html-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_proxy_html-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_session-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_session-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_ssl-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_ssl-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm s390x: httpd-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm httpd-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm httpd-debugsource-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm httpd-devel-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm httpd-tools-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm httpd-tools-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_http2-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.s390x.rpm mod_http2-debuginfo-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.s390x.rpm mod_http2-debugsource-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.s390x.rpm mod_ldap-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_ldap-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_md-2.0.8-7.module+el8.2.0+5531+7e4d69a2.s390x.rpm mod_md-debuginfo-2.0.8-7.module+el8.2.0+5531+7e4d69a2.s390x.rpm mod_md-debugsource-2.0.8-7.module+el8.2.0+5531+7e4d69a2.s390x.rpm mod_proxy_html-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_proxy_html-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_session-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_session-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_ssl-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_ssl-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm x86_64: httpd-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm httpd-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm httpd-debugsource-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm httpd-devel-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm httpd-tools-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm httpd-tools-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_http2-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.x86_64.rpm mod_http2-debuginfo-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.x86_64.rpm mod_http2-debugsource-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.x86_64.rpm mod_ldap-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_ldap-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_md-2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64.rpm mod_md-debuginfo-2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64.rpm mod_md-debugsource-2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64.rpm mod_proxy_html-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_proxy_html-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_session-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_session-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_ssl-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_ssl-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm Red Hat Enterprise Linux AppStream E4S (v.8.2): Source: httpd-2.4.37-21.module+el8.2.0+18510+68528e70.6.src.rpm mod_http2-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.src.rpm mod_md-2.0.8-7.module+el8.2.0+5531+7e4d69a2.src.rpm aarch64: httpd-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm httpd-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm httpd-debugsource-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm httpd-devel-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm httpd-tools-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm httpd-tools-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_http2-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.aarch64.rpm mod_http2-debuginfo-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.aarch64.rpm mod_http2-debugsource-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.aarch64.rpm mod_ldap-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_ldap-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_md-2.0.8-7.module+el8.2.0+5531+7e4d69a2.aarch64.rpm mod_md-debuginfo-2.0.8-7.module+el8.2.0+5531+7e4d69a2.aarch64.rpm mod_md-debugsource-2.0.8-7.module+el8.2.0+5531+7e4d69a2.aarch64.rpm mod_proxy_html-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_proxy_html-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_session-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_session-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_ssl-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_ssl-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm noarch: httpd-filesystem-2.4.37-21.module+el8.2.0+18510+68528e70.6.noarch.rpm httpd-manual-2.4.37-21.module+el8.2.0+18510+68528e70.6.noarch.rpm ppc64le: httpd-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm httpd-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm httpd-debugsource-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm httpd-devel-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm httpd-tools-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm httpd-tools-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_http2-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.ppc64le.rpm mod_http2-debuginfo-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.ppc64le.rpm mod_http2-debugsource-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.ppc64le.rpm mod_ldap-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_ldap-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_md-2.0.8-7.module+el8.2.0+5531+7e4d69a2.ppc64le.rpm mod_md-debuginfo-2.0.8-7.module+el8.2.0+5531+7e4d69a2.ppc64le.rpm mod_md-debugsource-2.0.8-7.module+el8.2.0+5531+7e4d69a2.ppc64le.rpm mod_proxy_html-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_proxy_html-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_session-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_session-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_ssl-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_ssl-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm s390x: httpd-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm httpd-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm httpd-debugsource-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm httpd-devel-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm httpd-tools-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm httpd-tools-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_http2-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.s390x.rpm mod_http2-debuginfo-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.s390x.rpm mod_http2-debugsource-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.s390x.rpm mod_ldap-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_ldap-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_md-2.0.8-7.module+el8.2.0+5531+7e4d69a2.s390x.rpm mod_md-debuginfo-2.0.8-7.module+el8.2.0+5531+7e4d69a2.s390x.rpm mod_md-debugsource-2.0.8-7.module+el8.2.0+5531+7e4d69a2.s390x.rpm mod_proxy_html-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_proxy_html-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_session-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_session-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_ssl-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_ssl-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm x86_64: httpd-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm httpd-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm httpd-debugsource-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm httpd-devel-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm httpd-tools-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm httpd-tools-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_http2-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.x86_64.rpm mod_http2-debuginfo-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.x86_64.rpm mod_http2-debugsource-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.x86_64.rpm mod_ldap-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_ldap-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_md-2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64.rpm mod_md-debuginfo-2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64.rpm mod_md-debugsource-2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64.rpm mod_proxy_html-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_proxy_html-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_session-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_session-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_ssl-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_ssl-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm Red Hat Enterprise Linux AppStream TUS (v.8.2): Source: httpd-2.4.37-21.module+el8.2.0+18510+68528e70.6.src.rpm mod_http2-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.src.rpm mod_md-2.0.8-7.module+el8.2.0+5531+7e4d69a2.src.rpm aarch64: httpd-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm httpd-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm httpd-debugsource-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm httpd-devel-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm httpd-tools-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm httpd-tools-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_http2-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.aarch64.rpm mod_http2-debuginfo-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.aarch64.rpm mod_http2-debugsource-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.aarch64.rpm mod_ldap-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_ldap-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_md-2.0.8-7.module+el8.2.0+5531+7e4d69a2.aarch64.rpm mod_md-debuginfo-2.0.8-7.module+el8.2.0+5531+7e4d69a2.aarch64.rpm mod_md-debugsource-2.0.8-7.module+el8.2.0+5531+7e4d69a2.aarch64.rpm mod_proxy_html-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_proxy_html-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_session-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_session-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_ssl-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm mod_ssl-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.aarch64.rpm noarch: httpd-filesystem-2.4.37-21.module+el8.2.0+18510+68528e70.6.noarch.rpm httpd-manual-2.4.37-21.module+el8.2.0+18510+68528e70.6.noarch.rpm ppc64le: httpd-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm httpd-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm httpd-debugsource-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm httpd-devel-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm httpd-tools-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm httpd-tools-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_http2-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.ppc64le.rpm mod_http2-debuginfo-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.ppc64le.rpm mod_http2-debugsource-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.ppc64le.rpm mod_ldap-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_ldap-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_md-2.0.8-7.module+el8.2.0+5531+7e4d69a2.ppc64le.rpm mod_md-debuginfo-2.0.8-7.module+el8.2.0+5531+7e4d69a2.ppc64le.rpm mod_md-debugsource-2.0.8-7.module+el8.2.0+5531+7e4d69a2.ppc64le.rpm mod_proxy_html-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_proxy_html-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_session-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_session-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_ssl-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm mod_ssl-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.ppc64le.rpm s390x: httpd-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm httpd-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm httpd-debugsource-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm httpd-devel-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm httpd-tools-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm httpd-tools-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_http2-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.s390x.rpm mod_http2-debuginfo-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.s390x.rpm mod_http2-debugsource-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.s390x.rpm mod_ldap-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_ldap-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_md-2.0.8-7.module+el8.2.0+5531+7e4d69a2.s390x.rpm mod_md-debuginfo-2.0.8-7.module+el8.2.0+5531+7e4d69a2.s390x.rpm mod_md-debugsource-2.0.8-7.module+el8.2.0+5531+7e4d69a2.s390x.rpm mod_proxy_html-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_proxy_html-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_session-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_session-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_ssl-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm mod_ssl-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.s390x.rpm x86_64: httpd-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm httpd-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm httpd-debugsource-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm httpd-devel-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm httpd-tools-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm httpd-tools-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_http2-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.x86_64.rpm mod_http2-debuginfo-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.x86_64.rpm mod_http2-debugsource-1.11.3-3.module+el8.2.0+18513+b6a58d46.3.x86_64.rpm mod_ldap-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_ldap-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_md-2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64.rpm mod_md-debuginfo-2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64.rpm mod_md-debugsource-2.0.8-7.module+el8.2.0+5531+7e4d69a2.x86_64.rpm mod_proxy_html-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_proxy_html-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_session-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_session-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_ssl-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm mod_ssl-debuginfo-2.4.37-21.module+el8.2.0+18510+68528e70.6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2023-25690 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBZDVvCdzjgjWX9erEAQhpvxAAiRD8hiZ4F0ajnUzXNQ7JnAVqTDtseV9T Qs9XSCNIGf3PD3YTHmYsG0A1ilqoKUUSHEZAkEfltzLKye9hVrNMZnkWJ9PbqSRW /JD/3cpqju7ZL9Xyd3VRdQbBidSzXT8KjrWTaMtzI+qnHbnyw3jUdZ+lu81Db9+V ykCEBa6pxEr10qG+keAv3AGMot6GcvoIiIcHwxv3zMQJnmTznKiM1rlDhrR/Iiij EZM7mzMX3bLt3jt2LfdwSQWVwBb0hX+t1JuqgCq7cM51t+a4JqCP4bNMoQfCTG+u yQJUCAzhY9h224WWf1zkv8nn7wm3dutixhf8CvJIU5RbpNJQIMeLHfhgjApMKBjD 11DPAH6DxEQfJWxUhqo+6xt4xBBl/XfoMJwPvXiEG6mGI++15RKKbFLVksx5l+qD t/N6Sjgb6oUzhD45uZ5MKKqXGe1bXKxxjmDyk9LLvlhglnuGIOM5tC4f+rKLSgjR CzGEta6HDwaj7AhKgFg2kpT6rH9x0Jp046w21gY1OOXudYDMudMIMUiJZO7fIxud 4mxkVMpDb9UN6cTHEVLfus1Ni3/brSRC56IUPlhPU/nGPw15IFNp65P5+b+e6Q2d LFPIWiAG3la1nw/yMssXTrV6j67sXuLWx3mekEey6q5d2ZbMZIg46KiH3usuCZ7O Dm7xDjJMzt4=CC76 -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Apr 11, 2023
•Important
Red Hat
200
security advisorycriticalsoftware updateScientific Linux 7 SLSA-2023-1593-1 Critical Httpd Request Splitting
httpd: HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE SL7 x86_64 httpd-2.4.6-98.el7_9.7.x86_64.rpm httpd-debuginfo-2.4.6-98.el7_9.7.x86_64.rpm httpd-devel-2.4.6-98.el7_9.7.x86_64.rpm httpd-tools-2.4.6-98.e [More...]. Synopsis: Important: httpd security update Advisory ID: SLSA-2023:1593-1 Issue Date: 2023-04-04 CVE Numbers: CVE-2023-25690 -- Security Fix(es): * httpd: HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE -- SL7 x86_64 httpd-2.4.6-98.el7_9.7.x86_64.rpm httpd-debuginfo-2.4.6-98.el7_9.7.x86_64.rpm httpd-devel-2.4.6-98.el7_9.7.x86_64.rpm httpd-tools-2.4.6-98.el7_9.7.x86_64.rpm mod_ldap-2.4.6-98.el7_9.7.x86_64.rpm mod_proxy_html-2.4.6-98.el7_9.7.x86_64.rpm mod_session-2.4.6-98.el7_9.7.x86_64.rpm mod_ssl-2.4.6-98.el7_9.7.x86_64.rpm noarch httpd-manual-2.4.6-98.el7_9.7.noarch.rpm - Scientific Linux Development Team . Critical httpd security patch for SL7.x resolving request splitting vulnerabilities in mod_rewrite and mod_proxy implementations.. httpd, security update, Scientific Linux, request splitting, mod_rewrite. . Severity: Critical. LinuxSecurity.com Team
Apr 04, 2023
•Critical
Scientific Linux
98
security advisoryRed Hat Enterprise Linuxhttpd updateRed Hat 7: RHSA-2023-1593-01 Important: httpd Request Splitting
An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: httpd security update Advisory ID: RHSA-2023:1593-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:1593 Issue date: 2023-04-04 CVE Names: CVE-2023-25690 ==================================================================== 1. Summary: An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Client Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 7) - noarch, ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64 3. Description: The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): * httpd: HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how toapply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, the httpd daemon will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 2176209 - CVE-2023-25690 httpd: HTTP request splitting with mod_rewrite and mod_proxy 6. Package List: Red Hat Enterprise Linux Client Optional (v. 7): Source: httpd-2.4.6-98.el7_9.7.src.rpm noarch: httpd-manual-2.4.6-98.el7_9.7.noarch.rpm x86_64: httpd-2.4.6-98.el7_9.7.x86_64.rpm httpd-debuginfo-2.4.6-98.el7_9.7.x86_64.rpm httpd-devel-2.4.6-98.el7_9.7.x86_64.rpm httpd-tools-2.4.6-98.el7_9.7.x86_64.rpm mod_ldap-2.4.6-98.el7_9.7.x86_64.rpm mod_proxy_html-2.4.6-98.el7_9.7.x86_64.rpm mod_session-2.4.6-98.el7_9.7.x86_64.rpm mod_ssl-2.4.6-98.el7_9.7.x86_64.rpm Red Hat Enterprise Linux ComputeNode Optional (v. 7): Source: httpd-2.4.6-98.el7_9.7.src.rpm noarch: httpd-manual-2.4.6-98.el7_9.7.noarch.rpm x86_64: httpd-2.4.6-98.el7_9.7.x86_64.rpm httpd-debuginfo-2.4.6-98.el7_9.7.x86_64.rpm httpd-devel-2.4.6-98.el7_9.7.x86_64.rpm httpd-tools-2.4.6-98.el7_9.7.x86_64.rpm mod_ldap-2.4.6-98.el7_9.7.x86_64.rpm mod_proxy_html-2.4.6-98.el7_9.7.x86_64.rpm mod_session-2.4.6-98.el7_9.7.x86_64.rpm mod_ssl-2.4.6-98.el7_9.7.x86_64.rpm Red Hat Enterprise Linux Server (v.7): Source: httpd-2.4.6-98.el7_9.7.src.rpm noarch: httpd-manual-2.4.6-98.el7_9.7.noarch.rpm ppc64: httpd-2.4.6-98.el7_9.7.ppc64.rpm httpd-debuginfo-2.4.6-98.el7_9.7.ppc64.rpm httpd-devel-2.4.6-98.el7_9.7.ppc64.rpm httpd-tools-2.4.6-98.el7_9.7.ppc64.rpm mod_session-2.4.6-98.el7_9.7.ppc64.rpm mod_ssl-2.4.6-98.el7_9.7.ppc64.rpm ppc64le: httpd-2.4.6-98.el7_9.7.ppc64le.rpm httpd-debuginfo-2.4.6-98.el7_9.7.ppc64le.rpm httpd-devel-2.4.6-98.el7_9.7.ppc64le.rpm httpd-tools-2.4.6-98.el7_9.7.ppc64le.rpm mod_session-2.4.6-98.el7_9.7.ppc64le.rpm mod_ssl-2.4.6-98.el7_9.7.ppc64le.rpm s390x: httpd-2.4.6-98.el7_9.7.s390x.rpm httpd-debuginfo-2.4.6-98.el7_9.7.s390x.rpm httpd-devel-2.4.6-98.el7_9.7.s390x.rpm httpd-tools-2.4.6-98.el7_9.7.s390x.rpm mod_session-2.4.6-98.el7_9.7.s390x.rpm mod_ssl-2.4.6-98.el7_9.7.s390x.rpm x86_64: httpd-2.4.6-98.el7_9.7.x86_64.rpm httpd-debuginfo-2.4.6-98.el7_9.7.x86_64.rpm httpd-devel-2.4.6-98.el7_9.7.x86_64.rpm httpd-tools-2.4.6-98.el7_9.7.x86_64.rpm mod_session-2.4.6-98.el7_9.7.x86_64.rpm mod_ssl-2.4.6-98.el7_9.7.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 7): ppc64: httpd-debuginfo-2.4.6-98.el7_9.7.ppc64.rpm mod_ldap-2.4.6-98.el7_9.7.ppc64.rpm mod_proxy_html-2.4.6-98.el7_9.7.ppc64.rpm ppc64le: httpd-debuginfo-2.4.6-98.el7_9.7.ppc64le.rpm mod_ldap-2.4.6-98.el7_9.7.ppc64le.rpm mod_proxy_html-2.4.6-98.el7_9.7.ppc64le.rpm s390x: httpd-debuginfo-2.4.6-98.el7_9.7.s390x.rpm mod_ldap-2.4.6-98.el7_9.7.s390x.rpm mod_proxy_html-2.4.6-98.el7_9.7.s390x.rpm x86_64: httpd-debuginfo-2.4.6-98.el7_9.7.x86_64.rpm mod_ldap-2.4.6-98.el7_9.7.x86_64.rpm mod_proxy_html-2.4.6-98.el7_9.7.x86_64.rpm Red Hat Enterprise Linux Workstation (v. 7): Source: httpd-2.4.6-98.el7_9.7.src.rpm noarch: httpd-manual-2.4.6-98.el7_9.7.noarch.rpm x86_64: httpd-2.4.6-98.el7_9.7.x86_64.rpm httpd-debuginfo-2.4.6-98.el7_9.7.x86_64.rpm httpd-devel-2.4.6-98.el7_9.7.x86_64.rpm httpd-tools-2.4.6-98.el7_9.7.x86_64.rpm mod_session-2.4.6-98.el7_9.7.x86_64.rpm mod_ssl-2.4.6-98.el7_9.7.x86_64.rpm Red Hat Enterprise LinuxWorkstation Optional (v. 7): x86_64: httpd-debuginfo-2.4.6-98.el7_9.7.x86_64.rpm mod_ldap-2.4.6-98.el7_9.7.x86_64.rpm mod_proxy_html-2.4.6-98.el7_9.7.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2023-25690 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBZCw/FNzjgjWX9erEAQjM/w/9FYUd2qLJ+jwRERhmGRjw3SXsdmbHZXU+ Zg8atgtKPLRPBfcY+dCqXkctCWuqwXUgUkswFQfgMK9xYv2YKXPZU70r2ouB7xub jDBHAAaUtLpR+zwKqPmrjVvcOzYXx1OgKeG4wDROvOi94OM2sallCXDQuehW3C43 mVTV0x65r0pRDD28rQsQwJr3GiAhu2H4gE5L/5n708VJyRXKOI0YDlPu/hR2HDb0 PgtxXwCL8jUT1xsk1TPpH23JLqV5/PwgJFcdCgIZPJDBcIy7dd/VTFftVSdPzHLS pEaHMa9j4sYIR9/9rnadPwPTBh+QEeg4NlH2MiXHnXtW3H+nLHO2st9yF0WUZDSA CuOIjiguPnJh20mije3sCyWW8Wx7RcHypmHMdJFzxdXHhmr3Y8hyZY8/8edx6QV9 ZaXr1Q4p0ieSB6GOIkcXXhHxcklWYSO1jiL8R4wP6ZnaCS1cLNrIQXMc9o+iZ5iQ Z0NqYNP32FRQrN0tYMzqCA0Idarz7LXZ0tHDvxBp06MMpmk0tQUFhK+wsAjBXj5V yUBtpVmaHALyI8pDm4Wa7M3g4gxY3/fP2NQxwvNITQndH4RIWXk3TAHqPekoiM+v cOzHHWMljSNYAOTZQy3D5iocIiu13oROVjpHPeuHsleF0mQuE0TP7mLFwmSktlLO p9qd9hvH7to=biCH -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Apr 04, 2023
•Important
Red Hat
98
security advisorysoftware updateRed Hat EnterpriseRedHat 8.4: RHSA-2023-1596-01 Important: httpd HTTP Request Splitting
An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: httpd:2.4 security update Advisory ID: RHSA-2023:1596-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:1596 Issue date: 2023-04-04 CVE Names: CVE-2023-25690 ==================================================================== 1. Summary: An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream EUS (v.8.4) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): * httpd: HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing the updated packages, the httpd daemon will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 2176209 - CVE-2023-25690 httpd: HTTP request splittingwith mod_rewrite and mod_proxy 6. Package List: Red Hat Enterprise Linux AppStream EUS(v.8.4): Source: httpd-2.4.37-39.module+el8.4.0+18509+78723510.6.src.rpm mod_http2-1.15.7-3.module+el8.4.0+18512+9c29e63a.2.src.rpm mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.src.rpm aarch64: httpd-2.4.37-39.module+el8.4.0+18509+78723510.6.aarch64.rpm httpd-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.aarch64.rpm httpd-debugsource-2.4.37-39.module+el8.4.0+18509+78723510.6.aarch64.rpm httpd-devel-2.4.37-39.module+el8.4.0+18509+78723510.6.aarch64.rpm httpd-tools-2.4.37-39.module+el8.4.0+18509+78723510.6.aarch64.rpm httpd-tools-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.aarch64.rpm mod_http2-1.15.7-3.module+el8.4.0+18512+9c29e63a.2.aarch64.rpm mod_http2-debuginfo-1.15.7-3.module+el8.4.0+18512+9c29e63a.2.aarch64.rpm mod_http2-debugsource-1.15.7-3.module+el8.4.0+18512+9c29e63a.2.aarch64.rpm mod_ldap-2.4.37-39.module+el8.4.0+18509+78723510.6.aarch64.rpm mod_ldap-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.aarch64.rpm mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64.rpm mod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64.rpm mod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.aarch64.rpm mod_proxy_html-2.4.37-39.module+el8.4.0+18509+78723510.6.aarch64.rpm mod_proxy_html-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.aarch64.rpm mod_session-2.4.37-39.module+el8.4.0+18509+78723510.6.aarch64.rpm mod_session-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.aarch64.rpm mod_ssl-2.4.37-39.module+el8.4.0+18509+78723510.6.aarch64.rpm mod_ssl-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.aarch64.rpm noarch: httpd-filesystem-2.4.37-39.module+el8.4.0+18509+78723510.6.noarch.rpm httpd-manual-2.4.37-39.module+el8.4.0+18509+78723510.6.noarch.rpm ppc64le: httpd-2.4.37-39.module+el8.4.0+18509+78723510.6.ppc64le.rpm httpd-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.ppc64le.rpm httpd-debugsource-2.4.37-39.module+el8.4.0+18509+78723510.6.ppc64le.rpm httpd-devel-2.4.37-39.module+el8.4.0+18509+78723510.6.ppc64le.rpm httpd-tools-2.4.37-39.module+el8.4.0+18509+78723510.6.ppc64le.rpm httpd-tools-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.ppc64le.rpm mod_http2-1.15.7-3.module+el8.4.0+18512+9c29e63a.2.ppc64le.rpm mod_http2-debuginfo-1.15.7-3.module+el8.4.0+18512+9c29e63a.2.ppc64le.rpm mod_http2-debugsource-1.15.7-3.module+el8.4.0+18512+9c29e63a.2.ppc64le.rpm mod_ldap-2.4.37-39.module+el8.4.0+18509+78723510.6.ppc64le.rpm mod_ldap-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.ppc64le.rpm mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le.rpm mod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le.rpm mod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.ppc64le.rpm mod_proxy_html-2.4.37-39.module+el8.4.0+18509+78723510.6.ppc64le.rpm mod_proxy_html-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.ppc64le.rpm mod_session-2.4.37-39.module+el8.4.0+18509+78723510.6.ppc64le.rpm mod_session-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.ppc64le.rpm mod_ssl-2.4.37-39.module+el8.4.0+18509+78723510.6.ppc64le.rpm mod_ssl-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.ppc64le.rpm s390x: httpd-2.4.37-39.module+el8.4.0+18509+78723510.6.s390x.rpm httpd-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.s390x.rpm httpd-debugsource-2.4.37-39.module+el8.4.0+18509+78723510.6.s390x.rpm httpd-devel-2.4.37-39.module+el8.4.0+18509+78723510.6.s390x.rpm httpd-tools-2.4.37-39.module+el8.4.0+18509+78723510.6.s390x.rpm httpd-tools-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.s390x.rpm mod_http2-1.15.7-3.module+el8.4.0+18512+9c29e63a.2.s390x.rpm mod_http2-debuginfo-1.15.7-3.module+el8.4.0+18512+9c29e63a.2.s390x.rpm mod_http2-debugsource-1.15.7-3.module+el8.4.0+18512+9c29e63a.2.s390x.rpm mod_ldap-2.4.37-39.module+el8.4.0+18509+78723510.6.s390x.rpm mod_ldap-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.s390x.rpm mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.s390x.rpm mod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.s390x.rpm mod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.s390x.rpm mod_proxy_html-2.4.37-39.module+el8.4.0+18509+78723510.6.s390x.rpm mod_proxy_html-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.s390x.rpm mod_session-2.4.37-39.module+el8.4.0+18509+78723510.6.s390x.rpm mod_session-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.s390x.rpm mod_ssl-2.4.37-39.module+el8.4.0+18509+78723510.6.s390x.rpm mod_ssl-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.s390x.rpm x86_64: httpd-2.4.37-39.module+el8.4.0+18509+78723510.6.x86_64.rpm httpd-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.x86_64.rpm httpd-debugsource-2.4.37-39.module+el8.4.0+18509+78723510.6.x86_64.rpm httpd-devel-2.4.37-39.module+el8.4.0+18509+78723510.6.x86_64.rpm httpd-tools-2.4.37-39.module+el8.4.0+18509+78723510.6.x86_64.rpm httpd-tools-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.x86_64.rpm mod_http2-1.15.7-3.module+el8.4.0+18512+9c29e63a.2.x86_64.rpm mod_http2-debuginfo-1.15.7-3.module+el8.4.0+18512+9c29e63a.2.x86_64.rpm mod_http2-debugsource-1.15.7-3.module+el8.4.0+18512+9c29e63a.2.x86_64.rpm mod_ldap-2.4.37-39.module+el8.4.0+18509+78723510.6.x86_64.rpm mod_ldap-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.x86_64.rpm mod_md-2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64.rpm mod_md-debuginfo-2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64.rpm mod_md-debugsource-2.0.8-8.module+el8.3.0+6814+67d1e611.x86_64.rpm mod_proxy_html-2.4.37-39.module+el8.4.0+18509+78723510.6.x86_64.rpm mod_proxy_html-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.x86_64.rpm mod_session-2.4.37-39.module+el8.4.0+18509+78723510.6.x86_64.rpm mod_session-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.x86_64.rpm mod_ssl-2.4.37-39.module+el8.4.0+18509+78723510.6.x86_64.rpm mod_ssl-debuginfo-2.4.37-39.module+el8.4.0+18509+78723510.6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2023-25690 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat securitycontact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBZCw/AdzjgjWX9erEAQjyQg/+JzWPxOkqfZHdwTJ4Wl4I88wytH78Esc+ UeLYd3nNUB63/X0Hq3i1oSsyWV891zIo7fHrzFPp2VCo/fF+H6SMXQdstIOG7YsN RzDnXMBBkuFbCgL3nrUHQh21WNZ9rK682KPF0F7HEW63gQnlmUZHpo85s/h12YA/ 12GKVYT/aUc4cQsWNiyvu+nA0Z7oYK95fIGzygeFYPw252Y7gl54whBfKA+rbAqy ezU6FqCmLEgCMml4rbvaXX7Xxu3fuE5gPZ7J/7JR2uDTrZG7s9ZWIzIrLrODgTh5 mPBB1tkThEWJDu/mhj4TOpP4j/K9Vpmx5f50ORqkghgqpWtpRvnl/8LEtd8/7BcJ bPex/FgjrNnlGud5X8BDNa3tnS2Y5XG7qh1aJJGZ9L4RqrujEaSTVeZti64YPvGe rlliFvyqyaQDbvpLqvKEcshucZcTzT0J/DvMwnb4MX8j+SGhexHr4O+M+keyYTWe 0tyj+lQI1BjPmvor1ZK9+Lvk3l2KGZ1B45tP7EK8jocw8E+0YVuToxcv6BS737xS JEJWyDudrTBLyEBK7M914oksioz4Lj3qUTGav9OcYEQwo9fiL18jS+sgTWYX9j+X TZwHh2kW8wGTwHB7SncgyCf4+vJaKnh3LLwV8C1YWirWedQM20BCMVTSSWVnPCkg UuD/ye6rC/Q=Ud0B -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Apr 04, 2023
•Important
Red Hat
172
security advisorydenial of serviceUbuntuUbuntu 21.04 USN-5090-1 Severe: Apache HTTP Server Denial of Service
Several security issues were fixed in Apache HTTP Server.. =========================================================================Ubuntu Security Notice USN-5090-1 September 27, 2021 apache2 vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 21.04 - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Several security issues were fixed in Apache HTTP Server. Software Description: - apache2: Apache HTTP server Details: James Kettle discovered that the Apache HTTP Server HTTP/2 module incorrectly handled certain crafted methods. A remote attacker could possibly use this issue to perform request splitting or cache poisoning attacks. (CVE-2021-33193) It was discovered that the Apache HTTP Server incorrectly handled certain malformed requests. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. (CVE-2021-34798) Li Zhi Xin discovered that the Apache mod_proxy_uwsgi module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 21.04. (CVE-2021-36160) It was discovered that the Apache HTTP Server incorrectly handled escaping quotes. If the server was configured with third-party modules, a remote attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-39275) It was discovered that the Apache mod_proxy module incorrectly handled certain request uri-paths. A remote attacker could possibly use this issue to cause the server to forward requests to arbitrary origin servers. (CVE-2021-40438) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 21.04: apache2 2.4.46-4ubuntu1.2 apache2-bin 2.4.46-4ubuntu1.2 Ubuntu 20.04 LTS: apache2 2.4.41-4ubuntu3.5 apache2-bin 2.4.41-4ubuntu3.5 Ubuntu 18.04 LTS: apache2 2.4.29-1ubuntu4.17 apache2-bin 2.4.29-1ubuntu4.17 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5090-1 CVE-2021-33193, CVE-2021-34798, CVE-2021-36160, CVE-2021-39275, CVE-2021-40438 Package Information: https://launchpad.net/ubuntu/+source/apache2/2.4.46-4ubuntu1.2 https://launchpad.net/ubuntu/+source/apache2/2.4.41-4ubuntu3.5 https://launchpad.net/ubuntu/+source/apache2/2.4.29-1ubuntu4.17 . Multiple vulnerabilities addressed in Apache HTTP Server were resolved with Ubuntu Security Notice USN-5090-1 on September 27, 2021.. Apache Server Security, Ubuntu Apache Update, Denial of Service Fix. . Severity: Critical. LinuxSecurity.com Team
Sep 27, 2021
•Critical
Ubuntu
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!