- Issued:
- 2011-02-16
- Updated:
- 2011-02-16
RHBA-2011:0237 - Bug Fix Advisory
Synopsis
httpd bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Red Hat Lightspeed patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated httpd packages that fix multiple bugs and add two enhancements are now
available for Red Hat Enterprise Linux 4.
Description
The Apache HTTP Server is a popular web server.
This update fixes the following bugs:
- Previously the handling of error documents could trigger a recursive error.
Due to this behavior,an additional error message appeared on error pages. This
updated resolves the recursive error. Now, this additional error message does no
longer appear.
- Previously, the warning message "Additionally a <code> error was encountered
while trying to use an ErrorDocument to handle the request." was incorrectly
displayed when an HTTP error (for example 403 Forbidden or 404 Not Found) was
reported. This update backports this issue. The 403 error is now displayed as
intended, but not the `Additionally a 403 error ...' message. (BZ#245483)
- Previously, a memory allocation failure occurred when a large integer was
passed to the "-n" argument for the benchmarking tool. Due to this behavior, the
"ab" tool terminated with a segmentation fault. This update catches the error
condition. The "ab" tool now terminates with an error message in this case.
(BZ#456363)
- Previously, a POST request triggered a redirect that caused the request body
of the POST request being discarded, if the "SSLVerifyClient" directive was used
in Directory or Location context. Due to this behavior, the form or a similar
application input was not processed. With this update, the POST request body is
now preserved correctly across a redirect in a context that allows the form or
other application input to be processed correctly. (BZ#488939)
- Previously, an error in mod_ssl's handling of pending SSL/TLS output data
caused the SSL or TLS not to complete the handshake if the server was configured
to send more than 85 Certificate Authority names in a client certificate
request. This update resolves this error. SSL and TLS handshakes now complete.
(BZ#510518)
- Previously, the hard-coded default location of the pid file used by the httpd
differed from the default used in the httpd.conf configuration file. Due to this
behavior, the init script did not stop or reload the server correctly if the
"PidFile" directive was removed from httpd.conf. With this update, the
hard-coded default pid file location matches the configured default. The init
script now works correctly. (BZ#512221)
This update also adds the following enhancements:
- This update back-ports the "DPI" flag to the mod_rewrite's RewriteRule
directive. This allows a rewrite rule to be used which discards the PATH_INFO
component of the URI. (BZ#517495)
- This update adds the "TraceEnable" directive. This allows the "TRACE" method
to be forcibly disabled. (BZ#478535)
All users of httpd are advised to upgrade to these updated packages, which fix
these bugs and add these enhancements.
Solution
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
Affected Products
- Red Hat Enterprise Linux Server 4 x86_64
- Red Hat Enterprise Linux Server 4 ia64
- Red Hat Enterprise Linux Server 4 i386
- Red Hat Enterprise Linux Workstation 4 x86_64
- Red Hat Enterprise Linux Workstation 4 ia64
- Red Hat Enterprise Linux Workstation 4 i386
- Red Hat Enterprise Linux Desktop 4 x86_64
- Red Hat Enterprise Linux Desktop 4 i386
- Red Hat Enterprise Linux for IBM z Systems 4 s390x
- Red Hat Enterprise Linux for IBM z Systems 4 s390
- Red Hat Enterprise Linux for Power, big endian 4 ppc
Fixes
- BZ - 214571 - mod_rewrite adds path info postfix after a substitution occured
- BZ - 245483 - Bogus "recursive" errors
- BZ - 456363 - ab -n overflows
- BZ - 478535 - TraceEnable not an option in current httpd
- BZ - 488939 - mod_rewrite+mod_ssl+SSLVerifyClient = no POST variables
- BZ - 510518 - mod_ssl cannot handle more than 85 CAs
- BZ - 512221 - httpd init script does not work when PidFile option is not set in httpd.conf
- BZ - 517495 - "could not get next bucket brigade" while a client is doing a PUT results in data loss
- BZ - 566671 - mod_ssl: Add SSLInsecureRenegotiation directive [rhel-4]
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 4
| SRPM | |
|---|---|
| httpd-2.0.52-47.ent.src.rpm | SHA-256: 14a53eb63d5de255ef82232230c3b358bb585482f87de548973013a01aeb548f |
| x86_64 | |
| httpd-2.0.52-47.ent.x86_64.rpm | SHA-256: 8493e867b7aa1465c01bce095554e7f0fe58b2c5eefdb898c6b6c62dc4a84241 |
| httpd-2.0.52-47.ent.x86_64.rpm | SHA-256: 8493e867b7aa1465c01bce095554e7f0fe58b2c5eefdb898c6b6c62dc4a84241 |
| httpd-devel-2.0.52-47.ent.x86_64.rpm | SHA-256: 24e10b703dc15071a63516246b67efb227ad88139d0ec50a2c7ea53fc386622f |
| httpd-devel-2.0.52-47.ent.x86_64.rpm | SHA-256: 24e10b703dc15071a63516246b67efb227ad88139d0ec50a2c7ea53fc386622f |
| httpd-manual-2.0.52-47.ent.x86_64.rpm | SHA-256: 0548a19c5ec8567c1f8c40c517e2e8029929c8c3e79d2d5964271e90d1050eab |
| httpd-manual-2.0.52-47.ent.x86_64.rpm | SHA-256: 0548a19c5ec8567c1f8c40c517e2e8029929c8c3e79d2d5964271e90d1050eab |
| httpd-suexec-2.0.52-47.ent.x86_64.rpm | SHA-256: c56ecc4149a2f37f4fdb6582d0495960300b15a06f9da311df34f5f75c030811 |
| httpd-suexec-2.0.52-47.ent.x86_64.rpm | SHA-256: c56ecc4149a2f37f4fdb6582d0495960300b15a06f9da311df34f5f75c030811 |
| mod_ssl-2.0.52-47.ent.x86_64.rpm | SHA-256: 527c62d574fbef4965a39fb82c8a827384066c3672baeba5f8e32ef0535732e5 |
| mod_ssl-2.0.52-47.ent.x86_64.rpm | SHA-256: 527c62d574fbef4965a39fb82c8a827384066c3672baeba5f8e32ef0535732e5 |
| ia64 | |
| httpd-2.0.52-47.ent.ia64.rpm | SHA-256: 2acf2f7540c8372913ac4c880cfc18b2924174797ac3a3a144baf4397f98dd74 |
| httpd-2.0.52-47.ent.ia64.rpm | SHA-256: 2acf2f7540c8372913ac4c880cfc18b2924174797ac3a3a144baf4397f98dd74 |
| httpd-devel-2.0.52-47.ent.ia64.rpm | SHA-256: f05071d35ba864fc9bb022ce7e46b2cf0c45b4738d2d541ab6130a9024cf81c1 |
| httpd-devel-2.0.52-47.ent.ia64.rpm | SHA-256: f05071d35ba864fc9bb022ce7e46b2cf0c45b4738d2d541ab6130a9024cf81c1 |
| httpd-manual-2.0.52-47.ent.ia64.rpm | SHA-256: ef4a6da47d7fae78cb25ff065d2151cf491c5fa78ba85debecb4d71de6c15213 |
| httpd-manual-2.0.52-47.ent.ia64.rpm | SHA-256: ef4a6da47d7fae78cb25ff065d2151cf491c5fa78ba85debecb4d71de6c15213 |
| httpd-suexec-2.0.52-47.ent.ia64.rpm | SHA-256: 63211175d255c167d609280c8a4f41766f428b3c774d74aa599d420e8aa04c68 |
| httpd-suexec-2.0.52-47.ent.ia64.rpm | SHA-256: 63211175d255c167d609280c8a4f41766f428b3c774d74aa599d420e8aa04c68 |
| mod_ssl-2.0.52-47.ent.ia64.rpm | SHA-256: c9ff0cd5309ffd1228d29e12398e71dac8f323aaf589e3a202631881fa6aa7b1 |
| mod_ssl-2.0.52-47.ent.ia64.rpm | SHA-256: c9ff0cd5309ffd1228d29e12398e71dac8f323aaf589e3a202631881fa6aa7b1 |
| i386 | |
| httpd-2.0.52-47.ent.i386.rpm | SHA-256: b71859bf578347cb8742c8237081c022134b79cd844ab36b4340c14c43e00fca |
| httpd-2.0.52-47.ent.i386.rpm | SHA-256: b71859bf578347cb8742c8237081c022134b79cd844ab36b4340c14c43e00fca |
| httpd-devel-2.0.52-47.ent.i386.rpm | SHA-256: 6c8168db1d52155858ee72e8be2b6353e55695ce10ea4d179a3d2ed1f676fbfb |
| httpd-devel-2.0.52-47.ent.i386.rpm | SHA-256: 6c8168db1d52155858ee72e8be2b6353e55695ce10ea4d179a3d2ed1f676fbfb |
| httpd-manual-2.0.52-47.ent.i386.rpm | SHA-256: c8fd0cd1531b3aabec611f8ebbab984de1c92e07f9f4b76e0fa032e02f70c3b5 |
| httpd-manual-2.0.52-47.ent.i386.rpm | SHA-256: c8fd0cd1531b3aabec611f8ebbab984de1c92e07f9f4b76e0fa032e02f70c3b5 |
| httpd-suexec-2.0.52-47.ent.i386.rpm | SHA-256: 317106400030c9bb2551122f5f2d859fe7f365e04cbe07781a64d83f68644d1d |
| httpd-suexec-2.0.52-47.ent.i386.rpm | SHA-256: 317106400030c9bb2551122f5f2d859fe7f365e04cbe07781a64d83f68644d1d |
| mod_ssl-2.0.52-47.ent.i386.rpm | SHA-256: 4ac1ba0ef14e73846f77b75c257652de3ad0ca02126d5ba9f84b2b9a9e972ac7 |
| mod_ssl-2.0.52-47.ent.i386.rpm | SHA-256: 4ac1ba0ef14e73846f77b75c257652de3ad0ca02126d5ba9f84b2b9a9e972ac7 |
Red Hat Enterprise Linux Workstation 4
| SRPM | |
|---|---|
| httpd-2.0.52-47.ent.src.rpm | SHA-256: 14a53eb63d5de255ef82232230c3b358bb585482f87de548973013a01aeb548f |
| x86_64 | |
| httpd-2.0.52-47.ent.x86_64.rpm | SHA-256: 8493e867b7aa1465c01bce095554e7f0fe58b2c5eefdb898c6b6c62dc4a84241 |
| httpd-devel-2.0.52-47.ent.x86_64.rpm | SHA-256: 24e10b703dc15071a63516246b67efb227ad88139d0ec50a2c7ea53fc386622f |
| httpd-manual-2.0.52-47.ent.x86_64.rpm | SHA-256: 0548a19c5ec8567c1f8c40c517e2e8029929c8c3e79d2d5964271e90d1050eab |
| httpd-suexec-2.0.52-47.ent.x86_64.rpm | SHA-256: c56ecc4149a2f37f4fdb6582d0495960300b15a06f9da311df34f5f75c030811 |
| mod_ssl-2.0.52-47.ent.x86_64.rpm | SHA-256: 527c62d574fbef4965a39fb82c8a827384066c3672baeba5f8e32ef0535732e5 |
| ia64 | |
| httpd-2.0.52-47.ent.ia64.rpm | SHA-256: 2acf2f7540c8372913ac4c880cfc18b2924174797ac3a3a144baf4397f98dd74 |
| httpd-devel-2.0.52-47.ent.ia64.rpm | SHA-256: f05071d35ba864fc9bb022ce7e46b2cf0c45b4738d2d541ab6130a9024cf81c1 |
| httpd-manual-2.0.52-47.ent.ia64.rpm | SHA-256: ef4a6da47d7fae78cb25ff065d2151cf491c5fa78ba85debecb4d71de6c15213 |
| httpd-suexec-2.0.52-47.ent.ia64.rpm | SHA-256: 63211175d255c167d609280c8a4f41766f428b3c774d74aa599d420e8aa04c68 |
| mod_ssl-2.0.52-47.ent.ia64.rpm | SHA-256: c9ff0cd5309ffd1228d29e12398e71dac8f323aaf589e3a202631881fa6aa7b1 |
| i386 | |
| httpd-2.0.52-47.ent.i386.rpm | SHA-256: b71859bf578347cb8742c8237081c022134b79cd844ab36b4340c14c43e00fca |
| httpd-devel-2.0.52-47.ent.i386.rpm | SHA-256: 6c8168db1d52155858ee72e8be2b6353e55695ce10ea4d179a3d2ed1f676fbfb |
| httpd-manual-2.0.52-47.ent.i386.rpm | SHA-256: c8fd0cd1531b3aabec611f8ebbab984de1c92e07f9f4b76e0fa032e02f70c3b5 |
| httpd-suexec-2.0.52-47.ent.i386.rpm | SHA-256: 317106400030c9bb2551122f5f2d859fe7f365e04cbe07781a64d83f68644d1d |
| mod_ssl-2.0.52-47.ent.i386.rpm | SHA-256: 4ac1ba0ef14e73846f77b75c257652de3ad0ca02126d5ba9f84b2b9a9e972ac7 |
Red Hat Enterprise Linux Desktop 4
| SRPM | |
|---|---|
| httpd-2.0.52-47.ent.src.rpm | SHA-256: 14a53eb63d5de255ef82232230c3b358bb585482f87de548973013a01aeb548f |
| x86_64 | |
| httpd-2.0.52-47.ent.x86_64.rpm | SHA-256: 8493e867b7aa1465c01bce095554e7f0fe58b2c5eefdb898c6b6c62dc4a84241 |
| httpd-devel-2.0.52-47.ent.x86_64.rpm | SHA-256: 24e10b703dc15071a63516246b67efb227ad88139d0ec50a2c7ea53fc386622f |
| httpd-manual-2.0.52-47.ent.x86_64.rpm | SHA-256: 0548a19c5ec8567c1f8c40c517e2e8029929c8c3e79d2d5964271e90d1050eab |
| httpd-suexec-2.0.52-47.ent.x86_64.rpm | SHA-256: c56ecc4149a2f37f4fdb6582d0495960300b15a06f9da311df34f5f75c030811 |
| mod_ssl-2.0.52-47.ent.x86_64.rpm | SHA-256: 527c62d574fbef4965a39fb82c8a827384066c3672baeba5f8e32ef0535732e5 |
| i386 | |
| httpd-2.0.52-47.ent.i386.rpm | SHA-256: b71859bf578347cb8742c8237081c022134b79cd844ab36b4340c14c43e00fca |
| httpd-devel-2.0.52-47.ent.i386.rpm | SHA-256: 6c8168db1d52155858ee72e8be2b6353e55695ce10ea4d179a3d2ed1f676fbfb |
| httpd-manual-2.0.52-47.ent.i386.rpm | SHA-256: c8fd0cd1531b3aabec611f8ebbab984de1c92e07f9f4b76e0fa032e02f70c3b5 |
| httpd-suexec-2.0.52-47.ent.i386.rpm | SHA-256: 317106400030c9bb2551122f5f2d859fe7f365e04cbe07781a64d83f68644d1d |
| mod_ssl-2.0.52-47.ent.i386.rpm | SHA-256: 4ac1ba0ef14e73846f77b75c257652de3ad0ca02126d5ba9f84b2b9a9e972ac7 |
Red Hat Enterprise Linux for IBM z Systems 4
| SRPM | |
|---|---|
| httpd-2.0.52-47.ent.src.rpm | SHA-256: 14a53eb63d5de255ef82232230c3b358bb585482f87de548973013a01aeb548f |
| s390x | |
| httpd-2.0.52-47.ent.s390x.rpm | SHA-256: 64f6d3cd526c54b3b6ed1672130e1cc007777a836a90257a93159fba91412445 |
| httpd-devel-2.0.52-47.ent.s390x.rpm | SHA-256: dc0c812858599af4e060402b20c13049ac733137f09e53469349081405c06f6f |
| httpd-manual-2.0.52-47.ent.s390x.rpm | SHA-256: 2b5458b840b2039f437390148fd3981e76ee4edf6f82be77a9972596edfd1dd9 |
| httpd-suexec-2.0.52-47.ent.s390x.rpm | SHA-256: 5c0056da7d63d258983e072082b7c778e2b6c0fcdbd2a3094041e0db7cc2f064 |
| mod_ssl-2.0.52-47.ent.s390x.rpm | SHA-256: 64f13ba51ff077adb8f224ce16343cab3acfeba531309c4b07a4b4f76d0430f9 |
| s390 | |
| httpd-2.0.52-47.ent.s390.rpm | SHA-256: 98494aa6ac4274c7dcae794d2ba30abe1bf0edaaf0cd31429e119e7fccd678e9 |
| httpd-devel-2.0.52-47.ent.s390.rpm | SHA-256: 7e7d48751a929a7731a54ed33756405bb4588815717cf09b67a42dfd87574b84 |
| httpd-manual-2.0.52-47.ent.s390.rpm | SHA-256: 854cb151b5060dbd7a35c8c6f5263ff20283b3fb66001e6578713c1e5de073ba |
| httpd-suexec-2.0.52-47.ent.s390.rpm | SHA-256: 605089c44a9d815d2dbfaf232b021b4ec3011ea8408a55487f0363ead33c41ed |
| mod_ssl-2.0.52-47.ent.s390.rpm | SHA-256: 2f95d55c08f542733799effedfdf6e2d2d230c016c572b5b2f42d39d31b68815 |
Red Hat Enterprise Linux for Power, big endian 4
| SRPM | |
|---|---|
| httpd-2.0.52-47.ent.src.rpm | SHA-256: 14a53eb63d5de255ef82232230c3b358bb585482f87de548973013a01aeb548f |
| ppc | |
| httpd-2.0.52-47.ent.ppc.rpm | SHA-256: 2ccadfb7f5a4b1b68a7871d1cdde3084d154cad0a720a77468843aeb46321261 |
| httpd-devel-2.0.52-47.ent.ppc.rpm | SHA-256: d1efa04e3faf865266e9b7fc1ff9297181949e713a5ff8cae6b6c5960ed51d6d |
| httpd-manual-2.0.52-47.ent.ppc.rpm | SHA-256: dac2c3c5a400550ebae42be569aca0a59cb7572f7f75f1316e1c2cd8873c5b51 |
| httpd-suexec-2.0.52-47.ent.ppc.rpm | SHA-256: 53cb8a8575443ff5bb72021ef4fb2f5e0fc1e87b89a8e37c96729045e2768cc4 |
| mod_ssl-2.0.52-47.ent.ppc.rpm | SHA-256: 755abfe6f37d0a63fd26b2ae12c75cda76bf3bfabe17d1348995d2087ebc5b96 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
