Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:1916: Red Hat Security Advisory: httpd and mod_http2 security update

An update for httpd and mod_http2 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-25690: A vulnerability was found in httpd. This security issue occurs when some mod_proxy configurations on Apache HTTP Server allow an HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request-target (URL) data and is then re-inserted into the proxied request-target using variable substitution.
Red Hat Security Data
#vulnerability#web#linux#red_hat#apache#ldap#ibm#sap#ssl

Synopsis

Important: httpd and mod_http2 security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for httpd and mod_http2 is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

Security Fix(es):

  • httpd: HTTP request splitting with mod_rewrite and mod_proxy (CVE-2023-25690)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, the httpd daemon will be restarted automatically.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
  • Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
  • Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x

Fixes

  • BZ - 2176209 - CVE-2023-25690 httpd: HTTP request splitting with mod_rewrite and mod_proxy

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0

SRPM

httpd-2.4.51-7.el9_0.4.src.rpm

SHA-256: f02356cca8868085a3137b73674a8374a61cf13c627c3e081260f124e8080e2a

mod_http2-1.15.19-3.el9_0.5.src.rpm

SHA-256: 8ac9c4f5785ecfc4eec416cd5cb3ddbe7b4541c433496d5fff5f2aa120aa5b0b

x86_64

httpd-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 176d75f28b727e1efe0d57a6290e5deba8f17197d93fd5812192c0c0d0d7927c

httpd-debuginfo-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: ce2e59cdf938ae8debf42ac12eb60e66a1083970fba6784945cadb4ac45e7689

httpd-debugsource-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 1a674686830c2c2c9b207d92c13c37e16dfcd05e116d08155df5fb32e40c7e68

httpd-devel-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 121d48b0edf510e1a2cd808b535128c92f180117b0d2dc525c2e99e7985107b8

httpd-filesystem-2.4.51-7.el9_0.4.noarch.rpm

SHA-256: b92124ada152c9dda1f5a77675391a6b964976c230cb1e6d7d4511a6a9e4cc35

httpd-manual-2.4.51-7.el9_0.4.noarch.rpm

SHA-256: c3147cdc2780f64b8f4216a44e84fba3dba65a02f53071dcc8e0f143cdbf8b63

httpd-tools-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 8b0f57eba7d985b68b9b4cd66a9770b70e2d027428c4030c32691570a79b116d

httpd-tools-debuginfo-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 711c2469854a4f3546f140440601b05a3050e4cf4c92e807d1b68e2e37eaa442

mod_http2-1.15.19-3.el9_0.5.x86_64.rpm

SHA-256: 35465e92f2e8ba16171b1e93a6ba560cf2851ca16b0c721859e71930a5dca7a5

mod_http2-debuginfo-1.15.19-3.el9_0.5.x86_64.rpm

SHA-256: 1a18fd6c561fe409e0d2ada40dc87a8299f6016d5523421f4b79c44b4c182c00

mod_http2-debugsource-1.15.19-3.el9_0.5.x86_64.rpm

SHA-256: 0f99293b383612f07a2f106d645de51d5686838a6293d7f653ebd91a6cdfbb48

mod_ldap-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 2200bdb329c570000e7bf3931cb0b98ee8db5ed7389a1920b5de7d9bc11626b9

mod_ldap-debuginfo-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 891cfc7c7a15bf173925e68770bd40bdf420aaa34edacc09ed491ece92a0b8d5

mod_lua-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: ede55eb59397c4e28a65931679896a28813ec550e59bccb80c9081440f47ea2b

mod_lua-debuginfo-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: edeb971cc9316011779002535d9a8d15965be13eaf60c88ff7446b0a35655bed

mod_proxy_html-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 33f887f9763e23a15713f6cef68bdd1429b5a99cf3fdc77f5201373f43421c89

mod_proxy_html-debuginfo-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 8aa7425ab7a07ee596df9405634b834839f16dc1d892fde5859883bfed86df54

mod_session-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 6867d39d44f2649d44b2205f8d1adf5b60c119c1cedce2ce87b25242ab6e4c4e

mod_session-debuginfo-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 4e65e42c6c369b4183114fb2686cf5a680df73d9c5381a5a60fdc91833a9da2e

mod_ssl-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: d4ce82879302453338199b5de9292fc4c866eabbb73034239be132460b4cc67b

mod_ssl-debuginfo-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 4e1783986117c5a43fa3a55c11710626d55b1db96565e147a4c3551403011311

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0

SRPM

httpd-2.4.51-7.el9_0.4.src.rpm

SHA-256: f02356cca8868085a3137b73674a8374a61cf13c627c3e081260f124e8080e2a

mod_http2-1.15.19-3.el9_0.5.src.rpm

SHA-256: 8ac9c4f5785ecfc4eec416cd5cb3ddbe7b4541c433496d5fff5f2aa120aa5b0b

s390x

httpd-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: 5a5b690e77512b47a83a55aa552bc122b343d9ed7150a4038f5177100199a046

httpd-debuginfo-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: 40ae689f9871f8acef3ddc7b1edd1fb7a9300fd92b2fe69b1ee3af482ad79a00

httpd-debugsource-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: b7a2c12fa30784214b8a333a93459b64865956c9995e18a28bff9ec735280437

httpd-devel-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: 62d67f479d427a1f83c9a28c842040e79cac277377f6ba16d72b50c7d12d7437

httpd-filesystem-2.4.51-7.el9_0.4.noarch.rpm

SHA-256: b92124ada152c9dda1f5a77675391a6b964976c230cb1e6d7d4511a6a9e4cc35

httpd-manual-2.4.51-7.el9_0.4.noarch.rpm

SHA-256: c3147cdc2780f64b8f4216a44e84fba3dba65a02f53071dcc8e0f143cdbf8b63

httpd-tools-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: 3efabd8c2dcd25a439df675ba81570b876beddf4abfd61636cf4d52172cfc8d2

httpd-tools-debuginfo-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: 46dceabcfdebd8b813e675dfb7d6522330672ac7b41dd9bef57f94289c000f50

mod_http2-1.15.19-3.el9_0.5.s390x.rpm

SHA-256: 2f7c410ef6ce0a989cdd9fde7dc4b26d52789d50569f574466a43cbbe87f11ef

mod_http2-debuginfo-1.15.19-3.el9_0.5.s390x.rpm

SHA-256: e36b365dcd487f66ccb283e643f71ea1aa6b0f09c84fba40929029213c8ac19d

mod_http2-debugsource-1.15.19-3.el9_0.5.s390x.rpm

SHA-256: 31519e56f70d0cac3760749ed1f291052405fdbc0f8e0e4680d8b9250c9a2cd6

mod_ldap-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: b0a578bc26b4a173db153d7c22ab681a067251a9d91a4be2f8cceef337eaa24c

mod_ldap-debuginfo-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: 140d9507df966e9cba35374a8d51674802675bec158e9447d72c92f5c82236b2

mod_lua-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: ae5f23f1154d2249151c9a03ad2604a596a2f17e95f6a9b64ddc215ebf9f0c5e

mod_lua-debuginfo-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: 3f4b0b075a80a641b411845124d1550fa47e66a3d195129f2d8d509f4cb91eea

mod_proxy_html-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: dc67f3e2147826b01b5eda7b72c98f4e6cdabca0906a2e5a514881f504b9f486

mod_proxy_html-debuginfo-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: b5c882274840e9630658b4b6fbb61733673fb6d4fbfcc916f66dd0b9ac640986

mod_session-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: 89a91a9e249bcbd7150da8cbea5bda7ee00e42198ed53281dc376199bbd86350

mod_session-debuginfo-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: 2abc9277ea1a244233d4b848d0ece3427168b9ace2e697d4a30cee6182641502

mod_ssl-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: 4b11a21f0ba3eafaf772ecdb6f7c0c240006520a6ae686afcd0415e1f0331c24

mod_ssl-debuginfo-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: 8bd10c66c3a3fe90da92967738cd78b39e342e959e3b753577eac8c112ce9e45

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0

SRPM

httpd-2.4.51-7.el9_0.4.src.rpm

SHA-256: f02356cca8868085a3137b73674a8374a61cf13c627c3e081260f124e8080e2a

mod_http2-1.15.19-3.el9_0.5.src.rpm

SHA-256: 8ac9c4f5785ecfc4eec416cd5cb3ddbe7b4541c433496d5fff5f2aa120aa5b0b

ppc64le

httpd-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: a01ad7d2ccfa0a8effb36028a05a620fd8943ea41ee149f747cf6833483f5f1e

httpd-debuginfo-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: 8c3c76d6f71310fb95bffdc4927e0ce902e0d91a388031a5fc2d9bcc6ec7a7a6

httpd-debugsource-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: 58defb770eaac2601e68903dae20126d1b29ae4780c2b2fe835b7b519100234b

httpd-devel-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: 7cc427c958da20e344719a1081f1dff797a955e3040b8a0130c8124e8da2b235

httpd-filesystem-2.4.51-7.el9_0.4.noarch.rpm

SHA-256: b92124ada152c9dda1f5a77675391a6b964976c230cb1e6d7d4511a6a9e4cc35

httpd-manual-2.4.51-7.el9_0.4.noarch.rpm

SHA-256: c3147cdc2780f64b8f4216a44e84fba3dba65a02f53071dcc8e0f143cdbf8b63

httpd-tools-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: eeb95a88765700e0d8b9610f1dbfe811650ba4ea5f80006182bc58aefc11b5bb

httpd-tools-debuginfo-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: c2fa2cca5651076304675ef038fdfcd6659f3d8fc81730633ec6608df58493b4

mod_http2-1.15.19-3.el9_0.5.ppc64le.rpm

SHA-256: c56ac833f30276d8560566bbe298c56b1daf20ee46f7ebdadf82c1c7aacb3ef0

mod_http2-debuginfo-1.15.19-3.el9_0.5.ppc64le.rpm

SHA-256: 777d2bb6ef360dec48989b78d39f24bee146cfc9fd08ae24cf7197a6496bd145

mod_http2-debugsource-1.15.19-3.el9_0.5.ppc64le.rpm

SHA-256: 3f021dea9f3824680e4dea5ce438affcfcd822afcedcef50c6f4a3f423b4bec1

mod_ldap-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: c39de14ba2f0bd1163463df21ca4776bc67b48360868903bbdd8ae3eab7ee584

mod_ldap-debuginfo-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: 7edbbb36f32d02f72e8bfa16b037a37cbda3faf0fc611f1e70175dbcd0d92734

mod_lua-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: cde4aeafcae26950ba5925201783f1c8231ffbd3845a8e9404f6ce1d24b71483

mod_lua-debuginfo-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: b0f53b814069792825f4e4b4edc2c24e7aa3a0cb141181af0691ec9766659d91

mod_proxy_html-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: ef1de2e0eeb1efe3542a5e6d99145085a4d183a3a4c6c5e551df17310a6d203d

mod_proxy_html-debuginfo-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: 3a96fbe42b52d026bb647906fb12e366f3acaa6254467c2ebb8ed0291c2d6318

mod_session-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: eceb9678d12fbdd98848343e2a83ff989099b509e28bb8c51620b2bb898a4829

mod_session-debuginfo-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: 66bfb6669316f72e7be154fb0c6f40e32965d503b6a387f6fb7727b7c342b263

mod_ssl-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: 8d37543fc41fd0c33eafcc31938429963e5f829f76cc78d141e3a3f3eda9ddab

mod_ssl-debuginfo-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: 1b2375139a2334c288e63ee2d44f89f655f7406b0a8e86c8afdac1ac7c4ab406

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0

SRPM

httpd-2.4.51-7.el9_0.4.src.rpm

SHA-256: f02356cca8868085a3137b73674a8374a61cf13c627c3e081260f124e8080e2a

mod_http2-1.15.19-3.el9_0.5.src.rpm

SHA-256: 8ac9c4f5785ecfc4eec416cd5cb3ddbe7b4541c433496d5fff5f2aa120aa5b0b

aarch64

httpd-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: 319dbffeacd97c97e1b523c9bf812430e19f99a1e88aca1152fa10e00a6fba7e

httpd-debuginfo-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: f001e1f717c38b850b22b4b22bfcd24cb3cbabf4802000728a10bed3f5b9b828

httpd-debugsource-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: 3814a607990c5f30253829b140756962f28c90276e68bf0fc10bd7a4d25d786c

httpd-devel-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: 6f86febbe040c9b63f3e0b6af4e1987b81a69a7264f81b3028bc34caff857802

httpd-filesystem-2.4.51-7.el9_0.4.noarch.rpm

SHA-256: b92124ada152c9dda1f5a77675391a6b964976c230cb1e6d7d4511a6a9e4cc35

httpd-manual-2.4.51-7.el9_0.4.noarch.rpm

SHA-256: c3147cdc2780f64b8f4216a44e84fba3dba65a02f53071dcc8e0f143cdbf8b63

httpd-tools-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: 5afa8810146f9f1af242186d42c0d5c84f6f47799d99cf15e45b2b1b65727e96

httpd-tools-debuginfo-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: 775679ace34668432a76cf81cb503a0aaff7bdb717efda30eaac3a865f61cbd9

mod_http2-1.15.19-3.el9_0.5.aarch64.rpm

SHA-256: c5db9b72570817183f2aff488e39dd37282027e5eed6fc5c7c1a214eb09f7699

mod_http2-debuginfo-1.15.19-3.el9_0.5.aarch64.rpm

SHA-256: 4b0626bdd641466becd963396f97fdf2e42953316df3f45e48b3593605863105

mod_http2-debugsource-1.15.19-3.el9_0.5.aarch64.rpm

SHA-256: bec41cda95e3c157e1454adeb51536fee118007af2649c92a163260b7facb2da

mod_ldap-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: 3433a138ac2a74100b191267df8beb1659f0143bdd6579f88b45c2105a25f18e

mod_ldap-debuginfo-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: c0c61c755850f24d911e072ff07e1d6260e065fc7adcb850a81b4d10f633a252

mod_lua-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: 5b7d645af3b8c0b5e43163a842ae9c425acd2851e922bf3c3f0a579ffed5e252

mod_lua-debuginfo-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: 56f5794251a2eabcb66ec9325f5b53e961cedcfebf8b550b98ae65c8691de711

mod_proxy_html-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: cb187807b957a5c4bbf1a83c922845851ae2e6bf94419215c807f686b0fb5000

mod_proxy_html-debuginfo-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: f2de099620303f9347f69992623d6c8ebde8495d607ac560607e5560dd59cf42

mod_session-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: bb050ad51134826563eae7cc096182eb13a47c0099187292ccdceeba1d40424f

mod_session-debuginfo-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: b3a8ff624d931fb7add07c7aa33c08949e68b8ee3f05f3cc50c9cd72bf190ea2

mod_ssl-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: adfc14266129fab2627d6e94359f508c9bd33d000bae26ccdb4debf3ca9ae354

mod_ssl-debuginfo-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: 6cc0682c10d807b60ce0dc55ff60925b957896afbec6603ed38e857b0c72a4f7

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0

SRPM

httpd-2.4.51-7.el9_0.4.src.rpm

SHA-256: f02356cca8868085a3137b73674a8374a61cf13c627c3e081260f124e8080e2a

mod_http2-1.15.19-3.el9_0.5.src.rpm

SHA-256: 8ac9c4f5785ecfc4eec416cd5cb3ddbe7b4541c433496d5fff5f2aa120aa5b0b

ppc64le

httpd-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: a01ad7d2ccfa0a8effb36028a05a620fd8943ea41ee149f747cf6833483f5f1e

httpd-debuginfo-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: 8c3c76d6f71310fb95bffdc4927e0ce902e0d91a388031a5fc2d9bcc6ec7a7a6

httpd-debugsource-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: 58defb770eaac2601e68903dae20126d1b29ae4780c2b2fe835b7b519100234b

httpd-devel-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: 7cc427c958da20e344719a1081f1dff797a955e3040b8a0130c8124e8da2b235

httpd-filesystem-2.4.51-7.el9_0.4.noarch.rpm

SHA-256: b92124ada152c9dda1f5a77675391a6b964976c230cb1e6d7d4511a6a9e4cc35

httpd-manual-2.4.51-7.el9_0.4.noarch.rpm

SHA-256: c3147cdc2780f64b8f4216a44e84fba3dba65a02f53071dcc8e0f143cdbf8b63

httpd-tools-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: eeb95a88765700e0d8b9610f1dbfe811650ba4ea5f80006182bc58aefc11b5bb

httpd-tools-debuginfo-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: c2fa2cca5651076304675ef038fdfcd6659f3d8fc81730633ec6608df58493b4

mod_http2-1.15.19-3.el9_0.5.ppc64le.rpm

SHA-256: c56ac833f30276d8560566bbe298c56b1daf20ee46f7ebdadf82c1c7aacb3ef0

mod_http2-debuginfo-1.15.19-3.el9_0.5.ppc64le.rpm

SHA-256: 777d2bb6ef360dec48989b78d39f24bee146cfc9fd08ae24cf7197a6496bd145

mod_http2-debugsource-1.15.19-3.el9_0.5.ppc64le.rpm

SHA-256: 3f021dea9f3824680e4dea5ce438affcfcd822afcedcef50c6f4a3f423b4bec1

mod_ldap-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: c39de14ba2f0bd1163463df21ca4776bc67b48360868903bbdd8ae3eab7ee584

mod_ldap-debuginfo-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: 7edbbb36f32d02f72e8bfa16b037a37cbda3faf0fc611f1e70175dbcd0d92734

mod_lua-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: cde4aeafcae26950ba5925201783f1c8231ffbd3845a8e9404f6ce1d24b71483

mod_lua-debuginfo-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: b0f53b814069792825f4e4b4edc2c24e7aa3a0cb141181af0691ec9766659d91

mod_proxy_html-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: ef1de2e0eeb1efe3542a5e6d99145085a4d183a3a4c6c5e551df17310a6d203d

mod_proxy_html-debuginfo-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: 3a96fbe42b52d026bb647906fb12e366f3acaa6254467c2ebb8ed0291c2d6318

mod_session-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: eceb9678d12fbdd98848343e2a83ff989099b509e28bb8c51620b2bb898a4829

mod_session-debuginfo-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: 66bfb6669316f72e7be154fb0c6f40e32965d503b6a387f6fb7727b7c342b263

mod_ssl-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: 8d37543fc41fd0c33eafcc31938429963e5f829f76cc78d141e3a3f3eda9ddab

mod_ssl-debuginfo-2.4.51-7.el9_0.4.ppc64le.rpm

SHA-256: 1b2375139a2334c288e63ee2d44f89f655f7406b0a8e86c8afdac1ac7c4ab406

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0

SRPM

httpd-2.4.51-7.el9_0.4.src.rpm

SHA-256: f02356cca8868085a3137b73674a8374a61cf13c627c3e081260f124e8080e2a

mod_http2-1.15.19-3.el9_0.5.src.rpm

SHA-256: 8ac9c4f5785ecfc4eec416cd5cb3ddbe7b4541c433496d5fff5f2aa120aa5b0b

x86_64

httpd-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 176d75f28b727e1efe0d57a6290e5deba8f17197d93fd5812192c0c0d0d7927c

httpd-debuginfo-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: ce2e59cdf938ae8debf42ac12eb60e66a1083970fba6784945cadb4ac45e7689

httpd-debugsource-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 1a674686830c2c2c9b207d92c13c37e16dfcd05e116d08155df5fb32e40c7e68

httpd-devel-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 121d48b0edf510e1a2cd808b535128c92f180117b0d2dc525c2e99e7985107b8

httpd-filesystem-2.4.51-7.el9_0.4.noarch.rpm

SHA-256: b92124ada152c9dda1f5a77675391a6b964976c230cb1e6d7d4511a6a9e4cc35

httpd-manual-2.4.51-7.el9_0.4.noarch.rpm

SHA-256: c3147cdc2780f64b8f4216a44e84fba3dba65a02f53071dcc8e0f143cdbf8b63

httpd-tools-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 8b0f57eba7d985b68b9b4cd66a9770b70e2d027428c4030c32691570a79b116d

httpd-tools-debuginfo-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 711c2469854a4f3546f140440601b05a3050e4cf4c92e807d1b68e2e37eaa442

mod_http2-1.15.19-3.el9_0.5.x86_64.rpm

SHA-256: 35465e92f2e8ba16171b1e93a6ba560cf2851ca16b0c721859e71930a5dca7a5

mod_http2-debuginfo-1.15.19-3.el9_0.5.x86_64.rpm

SHA-256: 1a18fd6c561fe409e0d2ada40dc87a8299f6016d5523421f4b79c44b4c182c00

mod_http2-debugsource-1.15.19-3.el9_0.5.x86_64.rpm

SHA-256: 0f99293b383612f07a2f106d645de51d5686838a6293d7f653ebd91a6cdfbb48

mod_ldap-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 2200bdb329c570000e7bf3931cb0b98ee8db5ed7389a1920b5de7d9bc11626b9

mod_ldap-debuginfo-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 891cfc7c7a15bf173925e68770bd40bdf420aaa34edacc09ed491ece92a0b8d5

mod_lua-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: ede55eb59397c4e28a65931679896a28813ec550e59bccb80c9081440f47ea2b

mod_lua-debuginfo-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: edeb971cc9316011779002535d9a8d15965be13eaf60c88ff7446b0a35655bed

mod_proxy_html-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 33f887f9763e23a15713f6cef68bdd1429b5a99cf3fdc77f5201373f43421c89

mod_proxy_html-debuginfo-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 8aa7425ab7a07ee596df9405634b834839f16dc1d892fde5859883bfed86df54

mod_session-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 6867d39d44f2649d44b2205f8d1adf5b60c119c1cedce2ce87b25242ab6e4c4e

mod_session-debuginfo-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 4e65e42c6c369b4183114fb2686cf5a680df73d9c5381a5a60fdc91833a9da2e

mod_ssl-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: d4ce82879302453338199b5de9292fc4c866eabbb73034239be132460b4cc67b

mod_ssl-debuginfo-2.4.51-7.el9_0.4.x86_64.rpm

SHA-256: 4e1783986117c5a43fa3a55c11710626d55b1db96565e147a4c3551403011311

Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0

SRPM

httpd-2.4.51-7.el9_0.4.src.rpm

SHA-256: f02356cca8868085a3137b73674a8374a61cf13c627c3e081260f124e8080e2a

mod_http2-1.15.19-3.el9_0.5.src.rpm

SHA-256: 8ac9c4f5785ecfc4eec416cd5cb3ddbe7b4541c433496d5fff5f2aa120aa5b0b

aarch64

httpd-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: 319dbffeacd97c97e1b523c9bf812430e19f99a1e88aca1152fa10e00a6fba7e

httpd-debuginfo-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: f001e1f717c38b850b22b4b22bfcd24cb3cbabf4802000728a10bed3f5b9b828

httpd-debugsource-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: 3814a607990c5f30253829b140756962f28c90276e68bf0fc10bd7a4d25d786c

httpd-devel-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: 6f86febbe040c9b63f3e0b6af4e1987b81a69a7264f81b3028bc34caff857802

httpd-filesystem-2.4.51-7.el9_0.4.noarch.rpm

SHA-256: b92124ada152c9dda1f5a77675391a6b964976c230cb1e6d7d4511a6a9e4cc35

httpd-manual-2.4.51-7.el9_0.4.noarch.rpm

SHA-256: c3147cdc2780f64b8f4216a44e84fba3dba65a02f53071dcc8e0f143cdbf8b63

httpd-tools-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: 5afa8810146f9f1af242186d42c0d5c84f6f47799d99cf15e45b2b1b65727e96

httpd-tools-debuginfo-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: 775679ace34668432a76cf81cb503a0aaff7bdb717efda30eaac3a865f61cbd9

mod_http2-1.15.19-3.el9_0.5.aarch64.rpm

SHA-256: c5db9b72570817183f2aff488e39dd37282027e5eed6fc5c7c1a214eb09f7699

mod_http2-debuginfo-1.15.19-3.el9_0.5.aarch64.rpm

SHA-256: 4b0626bdd641466becd963396f97fdf2e42953316df3f45e48b3593605863105

mod_http2-debugsource-1.15.19-3.el9_0.5.aarch64.rpm

SHA-256: bec41cda95e3c157e1454adeb51536fee118007af2649c92a163260b7facb2da

mod_ldap-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: 3433a138ac2a74100b191267df8beb1659f0143bdd6579f88b45c2105a25f18e

mod_ldap-debuginfo-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: c0c61c755850f24d911e072ff07e1d6260e065fc7adcb850a81b4d10f633a252

mod_lua-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: 5b7d645af3b8c0b5e43163a842ae9c425acd2851e922bf3c3f0a579ffed5e252

mod_lua-debuginfo-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: 56f5794251a2eabcb66ec9325f5b53e961cedcfebf8b550b98ae65c8691de711

mod_proxy_html-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: cb187807b957a5c4bbf1a83c922845851ae2e6bf94419215c807f686b0fb5000

mod_proxy_html-debuginfo-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: f2de099620303f9347f69992623d6c8ebde8495d607ac560607e5560dd59cf42

mod_session-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: bb050ad51134826563eae7cc096182eb13a47c0099187292ccdceeba1d40424f

mod_session-debuginfo-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: b3a8ff624d931fb7add07c7aa33c08949e68b8ee3f05f3cc50c9cd72bf190ea2

mod_ssl-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: adfc14266129fab2627d6e94359f508c9bd33d000bae26ccdb4debf3ca9ae354

mod_ssl-debuginfo-2.4.51-7.el9_0.4.aarch64.rpm

SHA-256: 6cc0682c10d807b60ce0dc55ff60925b957896afbec6603ed38e857b0c72a4f7

Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0

SRPM

httpd-2.4.51-7.el9_0.4.src.rpm

SHA-256: f02356cca8868085a3137b73674a8374a61cf13c627c3e081260f124e8080e2a

mod_http2-1.15.19-3.el9_0.5.src.rpm

SHA-256: 8ac9c4f5785ecfc4eec416cd5cb3ddbe7b4541c433496d5fff5f2aa120aa5b0b

s390x

httpd-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: 5a5b690e77512b47a83a55aa552bc122b343d9ed7150a4038f5177100199a046

httpd-debuginfo-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: 40ae689f9871f8acef3ddc7b1edd1fb7a9300fd92b2fe69b1ee3af482ad79a00

httpd-debugsource-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: b7a2c12fa30784214b8a333a93459b64865956c9995e18a28bff9ec735280437

httpd-devel-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: 62d67f479d427a1f83c9a28c842040e79cac277377f6ba16d72b50c7d12d7437

httpd-filesystem-2.4.51-7.el9_0.4.noarch.rpm

SHA-256: b92124ada152c9dda1f5a77675391a6b964976c230cb1e6d7d4511a6a9e4cc35

httpd-manual-2.4.51-7.el9_0.4.noarch.rpm

SHA-256: c3147cdc2780f64b8f4216a44e84fba3dba65a02f53071dcc8e0f143cdbf8b63

httpd-tools-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: 3efabd8c2dcd25a439df675ba81570b876beddf4abfd61636cf4d52172cfc8d2

httpd-tools-debuginfo-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: 46dceabcfdebd8b813e675dfb7d6522330672ac7b41dd9bef57f94289c000f50

mod_http2-1.15.19-3.el9_0.5.s390x.rpm

SHA-256: 2f7c410ef6ce0a989cdd9fde7dc4b26d52789d50569f574466a43cbbe87f11ef

mod_http2-debuginfo-1.15.19-3.el9_0.5.s390x.rpm

SHA-256: e36b365dcd487f66ccb283e643f71ea1aa6b0f09c84fba40929029213c8ac19d

mod_http2-debugsource-1.15.19-3.el9_0.5.s390x.rpm

SHA-256: 31519e56f70d0cac3760749ed1f291052405fdbc0f8e0e4680d8b9250c9a2cd6

mod_ldap-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: b0a578bc26b4a173db153d7c22ab681a067251a9d91a4be2f8cceef337eaa24c

mod_ldap-debuginfo-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: 140d9507df966e9cba35374a8d51674802675bec158e9447d72c92f5c82236b2

mod_lua-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: ae5f23f1154d2249151c9a03ad2604a596a2f17e95f6a9b64ddc215ebf9f0c5e

mod_lua-debuginfo-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: 3f4b0b075a80a641b411845124d1550fa47e66a3d195129f2d8d509f4cb91eea

mod_proxy_html-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: dc67f3e2147826b01b5eda7b72c98f4e6cdabca0906a2e5a514881f504b9f486

mod_proxy_html-debuginfo-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: b5c882274840e9630658b4b6fbb61733673fb6d4fbfcc916f66dd0b9ac640986

mod_session-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: 89a91a9e249bcbd7150da8cbea5bda7ee00e42198ed53281dc376199bbd86350

mod_session-debuginfo-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: 2abc9277ea1a244233d4b848d0ece3427168b9ace2e697d4a30cee6182641502

mod_ssl-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: 4b11a21f0ba3eafaf772ecdb6f7c0c240006520a6ae686afcd0415e1f0331c24

mod_ssl-debuginfo-2.4.51-7.el9_0.4.s390x.rpm

SHA-256: 8bd10c66c3a3fe90da92967738cd78b39e342e959e3b753577eac8c112ce9e45

Related news

Gentoo Linux Security Advisory 202309-01

Gentoo Linux Security Advisory 202309-1 - Multiple vulnerabilities have been discovered in Apache HTTPD, the worst of which could result in denial of service. Versions greater than or equal to 2.4.56 are affected.

RHSA-2023:3354: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.51 SP2 security update

An update is now available for Red Hat JBoss Core Services Apache HTTP Server 2.4.51 Service Pack 2 on Red Hat Enterprise Linux versions 7 and 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2006-20001: A flaw was found in the mod_dav module of httpd. A specially crafted "If:" request header can cause a memory read or write of a single zero byte due to a missing error check, resulting in a Denial of Service. * CVE-2022-4304: A timing-based side channel exists in the Open...

Red Hat Security Advisory 2023-3292-01

Red Hat Security Advisory 2023-3292-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

RHSA-2023:3292: Red Hat Security Advisory: httpd24-httpd security update

An update for httpd24-httpd is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-25690: A vulnerability was found in httpd. This security issue occurs when some mod_proxy configurations on Apache HTTP Server allow an HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-suppli...

Red Hat Security Advisory 2023-1916-01

Red Hat Security Advisory 2023-1916-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

Red Hat Security Advisory 2023-1670-01

Red Hat Security Advisory 2023-1670-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

RHSA-2023:1672: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-25690: A vulnerability was found in httpd. This security issue occurs when some mod_proxy configurations on Apache HTTP Server allow an HTTP Request Smuggling attack. Configurations a...

Red Hat Security Advisory 2023-1597-01

Red Hat Security Advisory 2023-1597-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

Red Hat Security Advisory 2023-1547-01

Red Hat Security Advisory 2023-1547-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

RHSA-2023:1597: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-25690: A vulnerability was found in httpd. This security issue occurs when some mod_proxy configurations on Apache HTTP Server allow an HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches ...

RHSA-2023:1593: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-25690: A vulnerability was found in httpd. This security issue occurs when some mod_proxy configurations on Apache HTTP Server allow an HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the user-supplied request...

RHSA-2023:1596: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-25690: A vulnerability was found in httpd. This security issue occurs when some mod_proxy configurations on Apache HTTP Server allow an HTTP Request Smuggling attack. Configurations are affected when mod_proxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches ...

Ubuntu Security Notice USN-5942-2

Ubuntu Security Notice 5942-2 - USN-5942-1 fixed vulnerabilities in Apache HTTP Server. This update provides the corresponding update for CVE-2023-25690 for Ubuntu 16.04 ESM. Lars Krapf discovered that the Apache HTTP Server mod_proxy module incorrectly handled certain configurations. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack.

Debian Security Advisory 5376-1

Debian Linux Security Advisory 5376-1 - Multiple vulnerabilities have been discovered in the Apache HTTP server, which may result in HTTP response splitting or denial of service.

Ubuntu Security Notice USN-5942-1

Ubuntu Security Notice 5942-1 - Lars Krapf discovered that the Apache HTTP Server mod_proxy module incorrectly handled certain configurations. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. Dimas Fariski Setyawan Putra discovered that the Apache HTTP Server mod_proxy_uwsgi module incorrectly handled certain special characters. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10.