Chapter 3. Security Fixes
This update includes fixes for the following security related issues:
ID | Impact | Summary |
---|---|---|
Moderate | openssl: side-channel weak encryption vulnerability | |
Low | openssl: information disclosure in fork() | |
Low | openssl: information disclosure in PKCS7_dataDecode and CMS_decrypt_set1_pkey | |
Moderate | httpd: memory corruption on early pushes | |
Moderate | httpd: read-after-free in h2 connection shutdown | |
Low | httpd: limited cross-site scripting in mod_proxy error page | |
Moderate | httpd: null-pointer dereference in mod_remoteip | |
Low | httpd: mod_rewrite potential open redirect | |
Moderate | httpd: mod_rewrite configurations vulnerable to open redirect |