Headline
RHSA-2022:1045: Red Hat Security Advisory: httpd security update
An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-22720: httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling
Synopsis
Important: httpd security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for httpd is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
- httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling (CVE-2022-22720)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the updated packages, the httpd daemon will be restarted automatically.
Affected Products
- Red Hat Enterprise Linux Server 7 x86_64
- Red Hat Enterprise Linux Workstation 7 x86_64
- Red Hat Enterprise Linux Desktop 7 x86_64
- Red Hat Enterprise Linux for IBM z Systems 7 s390x
- Red Hat Enterprise Linux for Power, big endian 7 ppc64
- Red Hat Enterprise Linux for Scientific Computing 7 x86_64
- Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Fixes
- BZ - 2064321 - CVE-2022-22720 httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling
Red Hat Enterprise Linux Server 7
SRPM
httpd-2.4.6-97.el7_9.5.src.rpm
SHA-256: 39532e15d452512238762e225bbf089555d794fe4cf0eee165539c799451db59
x86_64
httpd-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: 1bf419dce157fa5286e3e506e55df31a3b22e68b4e8c0a17640fce049cb5602e
httpd-debuginfo-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: b1f13c5e87c2c9b828ff087edd99701897c70ba040d37a11de965f8367e6064b
httpd-debuginfo-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: b1f13c5e87c2c9b828ff087edd99701897c70ba040d37a11de965f8367e6064b
httpd-devel-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: 3c20742666f8812386393207d71561364da3860fd7bcdfe223fa120df64f1f07
httpd-manual-2.4.6-97.el7_9.5.noarch.rpm
SHA-256: 1d45e52d06e07ced341773e20abd239e5f5d2c33f87686fad4c1e3ce163f53fd
httpd-tools-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: 496f1fa6ce0fa216621e22b79a237599bd769350a2b0123f8ee5ef29563e60c4
mod_ldap-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: c21ecc81b3f8455d863ab3cbd0a90a2fb94dfe4adffeab29fb100870e25c113a
mod_proxy_html-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: a33500ee1e1f011725b6162e5b4ba1fe15c1ae4925db0b061b83e2035cfc87d9
mod_session-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: 1f0301d9ed893a42664e9d2ce61aed9f65017148f85060bdce46e4c83a249cb2
mod_ssl-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: cc2925b0c22fa16f5bd4a2485b851b39956f3f8b62eb78d37b40ad34614fe748
Red Hat Enterprise Linux Workstation 7
SRPM
httpd-2.4.6-97.el7_9.5.src.rpm
SHA-256: 39532e15d452512238762e225bbf089555d794fe4cf0eee165539c799451db59
x86_64
httpd-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: 1bf419dce157fa5286e3e506e55df31a3b22e68b4e8c0a17640fce049cb5602e
httpd-debuginfo-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: b1f13c5e87c2c9b828ff087edd99701897c70ba040d37a11de965f8367e6064b
httpd-debuginfo-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: b1f13c5e87c2c9b828ff087edd99701897c70ba040d37a11de965f8367e6064b
httpd-devel-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: 3c20742666f8812386393207d71561364da3860fd7bcdfe223fa120df64f1f07
httpd-manual-2.4.6-97.el7_9.5.noarch.rpm
SHA-256: 1d45e52d06e07ced341773e20abd239e5f5d2c33f87686fad4c1e3ce163f53fd
httpd-tools-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: 496f1fa6ce0fa216621e22b79a237599bd769350a2b0123f8ee5ef29563e60c4
mod_ldap-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: c21ecc81b3f8455d863ab3cbd0a90a2fb94dfe4adffeab29fb100870e25c113a
mod_proxy_html-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: a33500ee1e1f011725b6162e5b4ba1fe15c1ae4925db0b061b83e2035cfc87d9
mod_session-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: 1f0301d9ed893a42664e9d2ce61aed9f65017148f85060bdce46e4c83a249cb2
mod_ssl-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: cc2925b0c22fa16f5bd4a2485b851b39956f3f8b62eb78d37b40ad34614fe748
Red Hat Enterprise Linux Desktop 7
SRPM
httpd-2.4.6-97.el7_9.5.src.rpm
SHA-256: 39532e15d452512238762e225bbf089555d794fe4cf0eee165539c799451db59
x86_64
httpd-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: 1bf419dce157fa5286e3e506e55df31a3b22e68b4e8c0a17640fce049cb5602e
httpd-debuginfo-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: b1f13c5e87c2c9b828ff087edd99701897c70ba040d37a11de965f8367e6064b
httpd-devel-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: 3c20742666f8812386393207d71561364da3860fd7bcdfe223fa120df64f1f07
httpd-manual-2.4.6-97.el7_9.5.noarch.rpm
SHA-256: 1d45e52d06e07ced341773e20abd239e5f5d2c33f87686fad4c1e3ce163f53fd
httpd-tools-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: 496f1fa6ce0fa216621e22b79a237599bd769350a2b0123f8ee5ef29563e60c4
mod_ldap-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: c21ecc81b3f8455d863ab3cbd0a90a2fb94dfe4adffeab29fb100870e25c113a
mod_proxy_html-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: a33500ee1e1f011725b6162e5b4ba1fe15c1ae4925db0b061b83e2035cfc87d9
mod_session-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: 1f0301d9ed893a42664e9d2ce61aed9f65017148f85060bdce46e4c83a249cb2
mod_ssl-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: cc2925b0c22fa16f5bd4a2485b851b39956f3f8b62eb78d37b40ad34614fe748
Red Hat Enterprise Linux for IBM z Systems 7
SRPM
httpd-2.4.6-97.el7_9.5.src.rpm
SHA-256: 39532e15d452512238762e225bbf089555d794fe4cf0eee165539c799451db59
s390x
httpd-2.4.6-97.el7_9.5.s390x.rpm
SHA-256: 7931ed8593d4b0c5a15197a650d5c6048938418bd0f8a45b745f45dd2d5f0344
httpd-debuginfo-2.4.6-97.el7_9.5.s390x.rpm
SHA-256: 04e776183dc959148185e207060a59bbb5777a1521ed07586ca181f28bb9fa90
httpd-debuginfo-2.4.6-97.el7_9.5.s390x.rpm
SHA-256: 04e776183dc959148185e207060a59bbb5777a1521ed07586ca181f28bb9fa90
httpd-devel-2.4.6-97.el7_9.5.s390x.rpm
SHA-256: 559e33bc6b3ab9bf5e61e21dcbfc7b8adf6be8537b13b2196fd4bcb676a63ccb
httpd-manual-2.4.6-97.el7_9.5.noarch.rpm
SHA-256: 1d45e52d06e07ced341773e20abd239e5f5d2c33f87686fad4c1e3ce163f53fd
httpd-tools-2.4.6-97.el7_9.5.s390x.rpm
SHA-256: ee6b5b08b4df8918913216f653e1502a5108bc696569c06364892ed55b3b21f4
mod_ldap-2.4.6-97.el7_9.5.s390x.rpm
SHA-256: d6b83ad072d4ea8b72423d402ea8052989c7ce0d4a205b9b6f339d2b91866b98
mod_proxy_html-2.4.6-97.el7_9.5.s390x.rpm
SHA-256: 53410966dbb530034707ada71cb549a3a0a6bf0a3a88f9cf0ceabafc6c5f0fc0
mod_session-2.4.6-97.el7_9.5.s390x.rpm
SHA-256: 3cee3178c93b921f6f0d823f7fdd65260fda2594693e139d0b13b384c55f9946
mod_ssl-2.4.6-97.el7_9.5.s390x.rpm
SHA-256: 6ec94e5a10212d5c55904fbb664446568b1df4e6a2f38b418c6e0212c32e3787
Red Hat Enterprise Linux for Power, big endian 7
SRPM
httpd-2.4.6-97.el7_9.5.src.rpm
SHA-256: 39532e15d452512238762e225bbf089555d794fe4cf0eee165539c799451db59
ppc64
httpd-2.4.6-97.el7_9.5.ppc64.rpm
SHA-256: 1911c3252d4b6e03147399b04b27f3236377b7ebfe4898ba6195e9cdac9ad51a
httpd-debuginfo-2.4.6-97.el7_9.5.ppc64.rpm
SHA-256: cdb6a3949775b381a1569b9a1085805c3eab0fa2d726d6f501f066d5aea3bf1a
httpd-debuginfo-2.4.6-97.el7_9.5.ppc64.rpm
SHA-256: cdb6a3949775b381a1569b9a1085805c3eab0fa2d726d6f501f066d5aea3bf1a
httpd-devel-2.4.6-97.el7_9.5.ppc64.rpm
SHA-256: 4ea19ee12d96c00258d60850556474f07e059a1d1eecbebb2b29ef6722ff73c5
httpd-manual-2.4.6-97.el7_9.5.noarch.rpm
SHA-256: 1d45e52d06e07ced341773e20abd239e5f5d2c33f87686fad4c1e3ce163f53fd
httpd-tools-2.4.6-97.el7_9.5.ppc64.rpm
SHA-256: cd39ed3d67623ec74c95e97f9754a5b080d0720cad6caa94fd896be653374810
mod_ldap-2.4.6-97.el7_9.5.ppc64.rpm
SHA-256: de6209be58a6257f5ec09f70191d57d01594c45f3b107ce73fdd9dae600e3142
mod_proxy_html-2.4.6-97.el7_9.5.ppc64.rpm
SHA-256: 9e898f457ebc65f3c88ba39182ccc7d9a0d53207bbc69ab2196dfddb4727ee2e
mod_session-2.4.6-97.el7_9.5.ppc64.rpm
SHA-256: 86bb4fb24bfafaaca46c475874fe714fa83ebd322fddfe54fc60afc8a12949de
mod_ssl-2.4.6-97.el7_9.5.ppc64.rpm
SHA-256: 63541b716c1f1c5d8f570d4c0f92db0fdb25d3386904e684b112bda2d56e6547
Red Hat Enterprise Linux for Scientific Computing 7
SRPM
httpd-2.4.6-97.el7_9.5.src.rpm
SHA-256: 39532e15d452512238762e225bbf089555d794fe4cf0eee165539c799451db59
x86_64
httpd-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: 1bf419dce157fa5286e3e506e55df31a3b22e68b4e8c0a17640fce049cb5602e
httpd-debuginfo-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: b1f13c5e87c2c9b828ff087edd99701897c70ba040d37a11de965f8367e6064b
httpd-devel-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: 3c20742666f8812386393207d71561364da3860fd7bcdfe223fa120df64f1f07
httpd-manual-2.4.6-97.el7_9.5.noarch.rpm
SHA-256: 1d45e52d06e07ced341773e20abd239e5f5d2c33f87686fad4c1e3ce163f53fd
httpd-tools-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: 496f1fa6ce0fa216621e22b79a237599bd769350a2b0123f8ee5ef29563e60c4
mod_ldap-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: c21ecc81b3f8455d863ab3cbd0a90a2fb94dfe4adffeab29fb100870e25c113a
mod_proxy_html-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: a33500ee1e1f011725b6162e5b4ba1fe15c1ae4925db0b061b83e2035cfc87d9
mod_session-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: 1f0301d9ed893a42664e9d2ce61aed9f65017148f85060bdce46e4c83a249cb2
mod_ssl-2.4.6-97.el7_9.5.x86_64.rpm
SHA-256: cc2925b0c22fa16f5bd4a2485b851b39956f3f8b62eb78d37b40ad34614fe748
Red Hat Enterprise Linux for Power, little endian 7
SRPM
httpd-2.4.6-97.el7_9.5.src.rpm
SHA-256: 39532e15d452512238762e225bbf089555d794fe4cf0eee165539c799451db59
ppc64le
httpd-2.4.6-97.el7_9.5.ppc64le.rpm
SHA-256: c2b506a4006d279869774edbd64253076a934da8841f4325ff8b64ddde1e8e99
httpd-debuginfo-2.4.6-97.el7_9.5.ppc64le.rpm
SHA-256: 48078a92c9ea77f399c259f9a7e6c8e9e5d19dde78864d4c52182a298e7a5bc6
httpd-debuginfo-2.4.6-97.el7_9.5.ppc64le.rpm
SHA-256: 48078a92c9ea77f399c259f9a7e6c8e9e5d19dde78864d4c52182a298e7a5bc6
httpd-devel-2.4.6-97.el7_9.5.ppc64le.rpm
SHA-256: b2dc5b0f75953f9e049e5f74f18700aa5ee2cca92656e5de1627656ab71f63f9
httpd-manual-2.4.6-97.el7_9.5.noarch.rpm
SHA-256: 1d45e52d06e07ced341773e20abd239e5f5d2c33f87686fad4c1e3ce163f53fd
httpd-tools-2.4.6-97.el7_9.5.ppc64le.rpm
SHA-256: 9b7df562c4b7e9c71327099a14c15603008cbc2c96bdffc049998e0fab8621f2
mod_ldap-2.4.6-97.el7_9.5.ppc64le.rpm
SHA-256: 554d83b8cd686bc8404479477997f1f140c724a8ca425e947da79dbfdb52aaa8
mod_proxy_html-2.4.6-97.el7_9.5.ppc64le.rpm
SHA-256: 0bf13aac4bb23fc1ae328d51b992be3304695f4596d59068933265bda1569016
mod_session-2.4.6-97.el7_9.5.ppc64le.rpm
SHA-256: bd268f68eeb0e49e58c26cd8c26a954f4dbe0d550cd65ea85ba9e3e86f9b5123
mod_ssl-2.4.6-97.el7_9.5.ppc64le.rpm
SHA-256: 2971cd9a09e7208f286c8bb52e0a4051b1edd107d127e1807180546a10ab4d5f