- Issued:
- 2014-09-16
- Updated:
- 2014-09-16
RHBA-2014:1232 - Bug Fix Advisory
Synopsis
httpd bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated httpd packages that fix several bugs and add two enhancements are now
available for Red Hat Enterprise Linux 5.
Description
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and
extensible web server.
This update fixes the following bugs:
- Previously, the mod_proxy_connect module did not correctly handle signals
while waiting for a backend server to close the connection. With this update,
signals are ignored while processing connection closure, thus fixing the bug.
(BZ#976465)
- Due to a bug in the mod_proxy_http module, the "proxy: error reading response"
error message was logged into the global error log even when there was a
VirtualHost-specific error log configured. With this update, the aforementioned
error message is logged into the correct log file. (BZ#1003073)
- Previously, a bug in handling the attribute values in the mod_ldap module
could lead to a segmentation fault when LDAP dynamic groups were configured. The
handling of attribute values has been fixed, and mod_ldap now works as intended.
(BZ#1047319)
- Due to a bug in the lock handling in the mod_ldap module, httpd processes
could enter a loop continually consuming CPU time in some LDAP configurations. A
patch has been applied to correct the lock handling, and LDAP configurations now
work correctly. (BZ#1101385)
In addition, this update adds the following enhancements:
- The mod_authnz_ldap module can set environment variables based on LDAP
attributes. However, these variables were only available when LDAP
authentication was configured. With this update, environment variables are set
for LDAP attributes if LDAP is used for authorization only. (BZ#1038276)
- A mod_ssl configuration with very large Certificate Revocation Lists (CRLs)
could result in excessive memory consumption as the CRLs could be cached in the
memory. A new configuration directive, "SSLDisableCRLCaching", which disables
CRL caching and allows lower memory use in such configurations, has been added
to mod_ssl. (BZ#1058426)
Users of httpd are advised to upgrade to these updated packages, which fix these
bugs and add these enhancements. After installing the updated packages, the
httpd daemon will be restarted automatically.
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/site/articles/11258
Affected Products
- Red Hat Enterprise Linux Server 5 x86_64
- Red Hat Enterprise Linux Server 5 ia64
- Red Hat Enterprise Linux Server 5 i386
- Red Hat Enterprise Linux Workstation 5 x86_64
- Red Hat Enterprise Linux Workstation 5 i386
- Red Hat Enterprise Linux Desktop 5 x86_64
- Red Hat Enterprise Linux Desktop 5 i386
- Red Hat Enterprise Linux for IBM z Systems 5 s390x
- Red Hat Enterprise Linux for Power, big endian 5 ppc
- Red Hat Enterprise Linux Server from RHUI 5 x86_64
- Red Hat Enterprise Linux Server from RHUI 5 i386
Fixes
- BZ - 1038276 - mod_authnz_ldap unable to set environment variables for authorize only
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 5
SRPM | |
---|---|
httpd-2.2.3-91.el5.src.rpm | SHA-256: d7347ede4a9b8dad38cce1bdae66fb58a53bd73a676993618de1306209b0c9fa |
x86_64 | |
httpd-2.2.3-91.el5.x86_64.rpm | SHA-256: 7c5c386a51451e079cef327ac12ee09a10a54c31a63d649008d77c1c9aec1464 |
httpd-debuginfo-2.2.3-91.el5.i386.rpm | SHA-256: 90b258f2ff053225df3a51f9192e31387a35cf70cc234981019c59737b47beb3 |
httpd-debuginfo-2.2.3-91.el5.x86_64.rpm | SHA-256: bf61e19156e93bdfd9c176db823376f484ad966a0aaa4981f31eeea589f06467 |
httpd-devel-2.2.3-91.el5.i386.rpm | SHA-256: f11968f43f24f7be126f76ac113cdf16a16ea3b59f783e05222d42021593bcbc |
httpd-devel-2.2.3-91.el5.x86_64.rpm | SHA-256: ed02e7737d431cc8af5d2572eba4ea1af1de36cae23ba818af28af3b78be665d |
httpd-manual-2.2.3-91.el5.x86_64.rpm | SHA-256: 6558d2dfd9d111366b37bddb6ab6c7699ee568ff90db1c763f836b759fc6c088 |
mod_ssl-2.2.3-91.el5.x86_64.rpm | SHA-256: 99f065bf41c8d442e28175cd95a0937744e335d484dd5cfe2cf06d12925382d6 |
ia64 | |
httpd-2.2.3-91.el5.ia64.rpm | SHA-256: a10a73da98e558b292f678801dcbf6d5614cc1dc79035975e941f8720559a051 |
httpd-debuginfo-2.2.3-91.el5.ia64.rpm | SHA-256: 55ba14830240bd203bb4fff78f1afad3389796b6871a7aac86ae28b647989ee7 |
httpd-devel-2.2.3-91.el5.ia64.rpm | SHA-256: f33381c6a5d5aca7d09854b3ed5ca22907246f13deb9fc815fc5ca8a75aea223 |
httpd-manual-2.2.3-91.el5.ia64.rpm | SHA-256: 1233c9c61fff026825c967bfb4c2f6ef602ef5e31ef3327cf0414d822a3c9716 |
mod_ssl-2.2.3-91.el5.ia64.rpm | SHA-256: 15f693c4e2fd0551f69e75ff96f0cc30bcbf1fd7cc108d02717bf481de23f272 |
i386 | |
httpd-2.2.3-91.el5.i386.rpm | SHA-256: 865963b0ae3cdd943f6b88810ba84da4f9165a98cbddad1abd72d2472c58d494 |
httpd-debuginfo-2.2.3-91.el5.i386.rpm | SHA-256: 90b258f2ff053225df3a51f9192e31387a35cf70cc234981019c59737b47beb3 |
httpd-devel-2.2.3-91.el5.i386.rpm | SHA-256: f11968f43f24f7be126f76ac113cdf16a16ea3b59f783e05222d42021593bcbc |
httpd-manual-2.2.3-91.el5.i386.rpm | SHA-256: de000d8a8363d0187e91a32240c086309f59cd5a5e35f6550419f92751affdec |
mod_ssl-2.2.3-91.el5.i386.rpm | SHA-256: 253c24f90fab360d28b5f8919e0f6c74f28fb144977477c238f00bfaffb061a6 |
Red Hat Enterprise Linux Workstation 5
SRPM | |
---|---|
httpd-2.2.3-91.el5.src.rpm | SHA-256: d7347ede4a9b8dad38cce1bdae66fb58a53bd73a676993618de1306209b0c9fa |
x86_64 | |
httpd-2.2.3-91.el5.x86_64.rpm | SHA-256: 7c5c386a51451e079cef327ac12ee09a10a54c31a63d649008d77c1c9aec1464 |
httpd-debuginfo-2.2.3-91.el5.i386.rpm | SHA-256: 90b258f2ff053225df3a51f9192e31387a35cf70cc234981019c59737b47beb3 |
httpd-debuginfo-2.2.3-91.el5.x86_64.rpm | SHA-256: bf61e19156e93bdfd9c176db823376f484ad966a0aaa4981f31eeea589f06467 |
httpd-debuginfo-2.2.3-91.el5.x86_64.rpm | SHA-256: bf61e19156e93bdfd9c176db823376f484ad966a0aaa4981f31eeea589f06467 |
httpd-devel-2.2.3-91.el5.i386.rpm | SHA-256: f11968f43f24f7be126f76ac113cdf16a16ea3b59f783e05222d42021593bcbc |
httpd-devel-2.2.3-91.el5.x86_64.rpm | SHA-256: ed02e7737d431cc8af5d2572eba4ea1af1de36cae23ba818af28af3b78be665d |
httpd-manual-2.2.3-91.el5.x86_64.rpm | SHA-256: 6558d2dfd9d111366b37bddb6ab6c7699ee568ff90db1c763f836b759fc6c088 |
mod_ssl-2.2.3-91.el5.x86_64.rpm | SHA-256: 99f065bf41c8d442e28175cd95a0937744e335d484dd5cfe2cf06d12925382d6 |
i386 | |
httpd-2.2.3-91.el5.i386.rpm | SHA-256: 865963b0ae3cdd943f6b88810ba84da4f9165a98cbddad1abd72d2472c58d494 |
httpd-debuginfo-2.2.3-91.el5.i386.rpm | SHA-256: 90b258f2ff053225df3a51f9192e31387a35cf70cc234981019c59737b47beb3 |
httpd-debuginfo-2.2.3-91.el5.i386.rpm | SHA-256: 90b258f2ff053225df3a51f9192e31387a35cf70cc234981019c59737b47beb3 |
httpd-devel-2.2.3-91.el5.i386.rpm | SHA-256: f11968f43f24f7be126f76ac113cdf16a16ea3b59f783e05222d42021593bcbc |
httpd-manual-2.2.3-91.el5.i386.rpm | SHA-256: de000d8a8363d0187e91a32240c086309f59cd5a5e35f6550419f92751affdec |
mod_ssl-2.2.3-91.el5.i386.rpm | SHA-256: 253c24f90fab360d28b5f8919e0f6c74f28fb144977477c238f00bfaffb061a6 |
Red Hat Enterprise Linux Desktop 5
SRPM | |
---|---|
httpd-2.2.3-91.el5.src.rpm | SHA-256: d7347ede4a9b8dad38cce1bdae66fb58a53bd73a676993618de1306209b0c9fa |
x86_64 | |
httpd-2.2.3-91.el5.x86_64.rpm | SHA-256: 7c5c386a51451e079cef327ac12ee09a10a54c31a63d649008d77c1c9aec1464 |
httpd-debuginfo-2.2.3-91.el5.x86_64.rpm | SHA-256: bf61e19156e93bdfd9c176db823376f484ad966a0aaa4981f31eeea589f06467 |
mod_ssl-2.2.3-91.el5.x86_64.rpm | SHA-256: 99f065bf41c8d442e28175cd95a0937744e335d484dd5cfe2cf06d12925382d6 |
i386 | |
httpd-2.2.3-91.el5.i386.rpm | SHA-256: 865963b0ae3cdd943f6b88810ba84da4f9165a98cbddad1abd72d2472c58d494 |
httpd-debuginfo-2.2.3-91.el5.i386.rpm | SHA-256: 90b258f2ff053225df3a51f9192e31387a35cf70cc234981019c59737b47beb3 |
mod_ssl-2.2.3-91.el5.i386.rpm | SHA-256: 253c24f90fab360d28b5f8919e0f6c74f28fb144977477c238f00bfaffb061a6 |
Red Hat Enterprise Linux for IBM z Systems 5
SRPM | |
---|---|
httpd-2.2.3-91.el5.src.rpm | SHA-256: d7347ede4a9b8dad38cce1bdae66fb58a53bd73a676993618de1306209b0c9fa |
s390x | |
httpd-2.2.3-91.el5.s390x.rpm | SHA-256: a17eb3eefa2735e6f71a339a1d48b30906e6506a7e2a091bca0fdc45192a7886 |
httpd-debuginfo-2.2.3-91.el5.s390.rpm | SHA-256: 6fffdc9f3e0c73f6ee1e42d23cb41f459363dc44703d9db97dfdaef21b9a10fb |
httpd-debuginfo-2.2.3-91.el5.s390x.rpm | SHA-256: 2e6c9e68da8e269e3fe1c0afaba1d1e3924597209b9e83103b5d891b955a9382 |
httpd-devel-2.2.3-91.el5.s390.rpm | SHA-256: 29c660239428d998875f067915fd24c11ca2042dbf396925cfe999aafe2170fb |
httpd-devel-2.2.3-91.el5.s390x.rpm | SHA-256: 4174d7460bcd5c16c5bef65d45a5869d3a11cb02e0f626df48ad287dbea1505a |
httpd-manual-2.2.3-91.el5.s390x.rpm | SHA-256: 8ab4c6b6fe0684d3fa81381c5f126cc25e94a22bd826ac7c20d90fefd302d154 |
mod_ssl-2.2.3-91.el5.s390x.rpm | SHA-256: b960d063286706684e7c388eddc73d24b1dbd1f3fa11a83bb605697c41e231b7 |
Red Hat Enterprise Linux for Power, big endian 5
SRPM | |
---|---|
httpd-2.2.3-91.el5.src.rpm | SHA-256: d7347ede4a9b8dad38cce1bdae66fb58a53bd73a676993618de1306209b0c9fa |
ppc | |
httpd-2.2.3-91.el5.ppc.rpm | SHA-256: 3668a7418636f25867ecd1110348f4e59358e69b75210a8f2070bee6cf4a9fa7 |
httpd-debuginfo-2.2.3-91.el5.ppc.rpm | SHA-256: 31bb2f3f1852be92681f613699b4d208d3ee87b97cbc25e9627f401979931a58 |
httpd-debuginfo-2.2.3-91.el5.ppc64.rpm | SHA-256: c22e4a69621901cf953875b7fb6a3cd4be62fdcbaff2cca9801096431051e72b |
httpd-devel-2.2.3-91.el5.ppc.rpm | SHA-256: 41f6e611c5a1dd440098483d494a8f637c1e26662e1a060702509444dd6f0416 |
httpd-devel-2.2.3-91.el5.ppc64.rpm | SHA-256: 067ddb4ad1d6da0dd94c6e58bbc9333f7ecbc2659b5aeb2aa3189721cd72582a |
httpd-manual-2.2.3-91.el5.ppc.rpm | SHA-256: 2e68accd799220b6d0e298f0b2a566e12f2b40bb6a9febd0dd235dd375932b43 |
mod_ssl-2.2.3-91.el5.ppc.rpm | SHA-256: e2c0987c9184239d2d5b54566fa50bd7909826aaf84bc4145ae5fe7a08b5cf7a |
Red Hat Enterprise Linux Server from RHUI 5
SRPM | |
---|---|
httpd-2.2.3-91.el5.src.rpm | SHA-256: d7347ede4a9b8dad38cce1bdae66fb58a53bd73a676993618de1306209b0c9fa |
x86_64 | |
httpd-2.2.3-91.el5.x86_64.rpm | SHA-256: 7c5c386a51451e079cef327ac12ee09a10a54c31a63d649008d77c1c9aec1464 |
httpd-debuginfo-2.2.3-91.el5.i386.rpm | SHA-256: 90b258f2ff053225df3a51f9192e31387a35cf70cc234981019c59737b47beb3 |
httpd-debuginfo-2.2.3-91.el5.x86_64.rpm | SHA-256: bf61e19156e93bdfd9c176db823376f484ad966a0aaa4981f31eeea589f06467 |
httpd-devel-2.2.3-91.el5.i386.rpm | SHA-256: f11968f43f24f7be126f76ac113cdf16a16ea3b59f783e05222d42021593bcbc |
httpd-devel-2.2.3-91.el5.x86_64.rpm | SHA-256: ed02e7737d431cc8af5d2572eba4ea1af1de36cae23ba818af28af3b78be665d |
httpd-manual-2.2.3-91.el5.x86_64.rpm | SHA-256: 6558d2dfd9d111366b37bddb6ab6c7699ee568ff90db1c763f836b759fc6c088 |
mod_ssl-2.2.3-91.el5.x86_64.rpm | SHA-256: 99f065bf41c8d442e28175cd95a0937744e335d484dd5cfe2cf06d12925382d6 |
i386 | |
httpd-2.2.3-91.el5.i386.rpm | SHA-256: 865963b0ae3cdd943f6b88810ba84da4f9165a98cbddad1abd72d2472c58d494 |
httpd-debuginfo-2.2.3-91.el5.i386.rpm | SHA-256: 90b258f2ff053225df3a51f9192e31387a35cf70cc234981019c59737b47beb3 |
httpd-devel-2.2.3-91.el5.i386.rpm | SHA-256: f11968f43f24f7be126f76ac113cdf16a16ea3b59f783e05222d42021593bcbc |
httpd-manual-2.2.3-91.el5.i386.rpm | SHA-256: de000d8a8363d0187e91a32240c086309f59cd5a5e35f6550419f92751affdec |
mod_ssl-2.2.3-91.el5.i386.rpm | SHA-256: 253c24f90fab360d28b5f8919e0f6c74f28fb144977477c238f00bfaffb061a6 |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.