Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2018:2737 - Security Advisory
Issued:
2018-09-24
Updated:
2018-09-24

RHSA-2018:2737 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: mod_perl security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for mod_perl is now available for Red Hat Enterprise Linux 6.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Mod_perl incorporates a Perl interpreter into the Apache web server, such that the Apache HTTP server can directly execute Perl code.

Security Fix(es):

  • mod_perl: arbitrary Perl code execution in the context of the user account via a user-owned .htaccess (CVE-2011-2767)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Server 6 x86_64
  • Red Hat Enterprise Linux Server 6 i386
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 6 i386
  • Red Hat Enterprise Linux Workstation 6 x86_64
  • Red Hat Enterprise Linux Workstation 6 i386
  • Red Hat Enterprise Linux Desktop 6 x86_64
  • Red Hat Enterprise Linux Desktop 6 i386
  • Red Hat Enterprise Linux for IBM z Systems 6 s390x
  • Red Hat Enterprise Linux for Power, big endian 6 ppc64
  • Red Hat Enterprise Linux for Scientific Computing 6 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6 s390x

Fixes

  • BZ - 1623265 - CVE-2011-2767 mod_perl: arbitrary Perl code execution in the context of the user account via a user-owned .htaccess

CVEs

  • CVE-2011-2767

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 6

SRPM
mod_perl-2.0.4-12.el6_10.src.rpm SHA-256: d1049dbfc456746028f0bfc05ccbf9d87014b0a4c775af18760e4b5b4d23386e
x86_64
mod_perl-2.0.4-12.el6_10.x86_64.rpm SHA-256: eded399fc61d740ac724681c2ad31dcc1874bec1b6defcd16c8e4e11ee403bbe
mod_perl-debuginfo-2.0.4-12.el6_10.i686.rpm SHA-256: 936676f1f1f65dab69aab6c1e2dd2aaccb13c8d6ffcf7c00cc921b475f11894e
mod_perl-debuginfo-2.0.4-12.el6_10.x86_64.rpm SHA-256: 14afaa5929b9dc3ba20064f3633d84ea1567c6bd40d794da580edb59889c3f65
mod_perl-debuginfo-2.0.4-12.el6_10.x86_64.rpm SHA-256: 14afaa5929b9dc3ba20064f3633d84ea1567c6bd40d794da580edb59889c3f65
mod_perl-devel-2.0.4-12.el6_10.i686.rpm SHA-256: c6565e0f9be7e9a7628bb17236ec209f8091b822b884c44ee98889cbc2c28a6d
mod_perl-devel-2.0.4-12.el6_10.x86_64.rpm SHA-256: fc75ec3848129ba755f1d498f258a59e080e854a8ccfd9427b5abcd04f33f412
i386
mod_perl-2.0.4-12.el6_10.i686.rpm SHA-256: 6a83cd31ebe60d5e49e58661ec26beeb671984be78116719e4bbe866e837a45a
mod_perl-debuginfo-2.0.4-12.el6_10.i686.rpm SHA-256: 936676f1f1f65dab69aab6c1e2dd2aaccb13c8d6ffcf7c00cc921b475f11894e
mod_perl-debuginfo-2.0.4-12.el6_10.i686.rpm SHA-256: 936676f1f1f65dab69aab6c1e2dd2aaccb13c8d6ffcf7c00cc921b475f11894e
mod_perl-devel-2.0.4-12.el6_10.i686.rpm SHA-256: c6565e0f9be7e9a7628bb17236ec209f8091b822b884c44ee98889cbc2c28a6d

Red Hat Enterprise Linux Server - Extended Life Cycle Support 6

SRPM
mod_perl-2.0.4-12.el6_10.src.rpm SHA-256: d1049dbfc456746028f0bfc05ccbf9d87014b0a4c775af18760e4b5b4d23386e
x86_64
mod_perl-2.0.4-12.el6_10.x86_64.rpm SHA-256: eded399fc61d740ac724681c2ad31dcc1874bec1b6defcd16c8e4e11ee403bbe
mod_perl-debuginfo-2.0.4-12.el6_10.i686.rpm SHA-256: 936676f1f1f65dab69aab6c1e2dd2aaccb13c8d6ffcf7c00cc921b475f11894e
mod_perl-debuginfo-2.0.4-12.el6_10.x86_64.rpm SHA-256: 14afaa5929b9dc3ba20064f3633d84ea1567c6bd40d794da580edb59889c3f65
mod_perl-debuginfo-2.0.4-12.el6_10.x86_64.rpm SHA-256: 14afaa5929b9dc3ba20064f3633d84ea1567c6bd40d794da580edb59889c3f65
mod_perl-devel-2.0.4-12.el6_10.i686.rpm SHA-256: c6565e0f9be7e9a7628bb17236ec209f8091b822b884c44ee98889cbc2c28a6d
mod_perl-devel-2.0.4-12.el6_10.x86_64.rpm SHA-256: fc75ec3848129ba755f1d498f258a59e080e854a8ccfd9427b5abcd04f33f412
i386
mod_perl-2.0.4-12.el6_10.i686.rpm SHA-256: 6a83cd31ebe60d5e49e58661ec26beeb671984be78116719e4bbe866e837a45a
mod_perl-debuginfo-2.0.4-12.el6_10.i686.rpm SHA-256: 936676f1f1f65dab69aab6c1e2dd2aaccb13c8d6ffcf7c00cc921b475f11894e
mod_perl-debuginfo-2.0.4-12.el6_10.i686.rpm SHA-256: 936676f1f1f65dab69aab6c1e2dd2aaccb13c8d6ffcf7c00cc921b475f11894e
mod_perl-devel-2.0.4-12.el6_10.i686.rpm SHA-256: c6565e0f9be7e9a7628bb17236ec209f8091b822b884c44ee98889cbc2c28a6d

Red Hat Enterprise Linux Workstation 6

SRPM
mod_perl-2.0.4-12.el6_10.src.rpm SHA-256: d1049dbfc456746028f0bfc05ccbf9d87014b0a4c775af18760e4b5b4d23386e
x86_64
mod_perl-2.0.4-12.el6_10.x86_64.rpm SHA-256: eded399fc61d740ac724681c2ad31dcc1874bec1b6defcd16c8e4e11ee403bbe
mod_perl-debuginfo-2.0.4-12.el6_10.i686.rpm SHA-256: 936676f1f1f65dab69aab6c1e2dd2aaccb13c8d6ffcf7c00cc921b475f11894e
mod_perl-debuginfo-2.0.4-12.el6_10.x86_64.rpm SHA-256: 14afaa5929b9dc3ba20064f3633d84ea1567c6bd40d794da580edb59889c3f65
mod_perl-debuginfo-2.0.4-12.el6_10.x86_64.rpm SHA-256: 14afaa5929b9dc3ba20064f3633d84ea1567c6bd40d794da580edb59889c3f65
mod_perl-devel-2.0.4-12.el6_10.i686.rpm SHA-256: c6565e0f9be7e9a7628bb17236ec209f8091b822b884c44ee98889cbc2c28a6d
mod_perl-devel-2.0.4-12.el6_10.x86_64.rpm SHA-256: fc75ec3848129ba755f1d498f258a59e080e854a8ccfd9427b5abcd04f33f412
i386
mod_perl-2.0.4-12.el6_10.i686.rpm SHA-256: 6a83cd31ebe60d5e49e58661ec26beeb671984be78116719e4bbe866e837a45a
mod_perl-debuginfo-2.0.4-12.el6_10.i686.rpm SHA-256: 936676f1f1f65dab69aab6c1e2dd2aaccb13c8d6ffcf7c00cc921b475f11894e
mod_perl-debuginfo-2.0.4-12.el6_10.i686.rpm SHA-256: 936676f1f1f65dab69aab6c1e2dd2aaccb13c8d6ffcf7c00cc921b475f11894e
mod_perl-devel-2.0.4-12.el6_10.i686.rpm SHA-256: c6565e0f9be7e9a7628bb17236ec209f8091b822b884c44ee98889cbc2c28a6d

Red Hat Enterprise Linux Desktop 6

SRPM
mod_perl-2.0.4-12.el6_10.src.rpm SHA-256: d1049dbfc456746028f0bfc05ccbf9d87014b0a4c775af18760e4b5b4d23386e
x86_64
mod_perl-2.0.4-12.el6_10.x86_64.rpm SHA-256: eded399fc61d740ac724681c2ad31dcc1874bec1b6defcd16c8e4e11ee403bbe
mod_perl-debuginfo-2.0.4-12.el6_10.i686.rpm SHA-256: 936676f1f1f65dab69aab6c1e2dd2aaccb13c8d6ffcf7c00cc921b475f11894e
mod_perl-debuginfo-2.0.4-12.el6_10.x86_64.rpm SHA-256: 14afaa5929b9dc3ba20064f3633d84ea1567c6bd40d794da580edb59889c3f65
mod_perl-debuginfo-2.0.4-12.el6_10.x86_64.rpm SHA-256: 14afaa5929b9dc3ba20064f3633d84ea1567c6bd40d794da580edb59889c3f65
mod_perl-devel-2.0.4-12.el6_10.i686.rpm SHA-256: c6565e0f9be7e9a7628bb17236ec209f8091b822b884c44ee98889cbc2c28a6d
mod_perl-devel-2.0.4-12.el6_10.x86_64.rpm SHA-256: fc75ec3848129ba755f1d498f258a59e080e854a8ccfd9427b5abcd04f33f412
i386
mod_perl-2.0.4-12.el6_10.i686.rpm SHA-256: 6a83cd31ebe60d5e49e58661ec26beeb671984be78116719e4bbe866e837a45a
mod_perl-debuginfo-2.0.4-12.el6_10.i686.rpm SHA-256: 936676f1f1f65dab69aab6c1e2dd2aaccb13c8d6ffcf7c00cc921b475f11894e
mod_perl-debuginfo-2.0.4-12.el6_10.i686.rpm SHA-256: 936676f1f1f65dab69aab6c1e2dd2aaccb13c8d6ffcf7c00cc921b475f11894e
mod_perl-devel-2.0.4-12.el6_10.i686.rpm SHA-256: c6565e0f9be7e9a7628bb17236ec209f8091b822b884c44ee98889cbc2c28a6d

Red Hat Enterprise Linux for IBM z Systems 6

SRPM
mod_perl-2.0.4-12.el6_10.src.rpm SHA-256: d1049dbfc456746028f0bfc05ccbf9d87014b0a4c775af18760e4b5b4d23386e
s390x
mod_perl-2.0.4-12.el6_10.s390x.rpm SHA-256: 07c501639db1b11b4c5a4fc500260715d8be741697cc79cf6184c7d8c07324aa
mod_perl-debuginfo-2.0.4-12.el6_10.s390.rpm SHA-256: 88beb9d091a07a978037627661714d4d34f30ccdfe533c9feba2235c18c3bfed
mod_perl-debuginfo-2.0.4-12.el6_10.s390x.rpm SHA-256: 8aa0798756be35edd64e12501eee36ca716f1ca67425195b0e538b6a15e3920a
mod_perl-debuginfo-2.0.4-12.el6_10.s390x.rpm SHA-256: 8aa0798756be35edd64e12501eee36ca716f1ca67425195b0e538b6a15e3920a
mod_perl-devel-2.0.4-12.el6_10.s390.rpm SHA-256: 159f921367948f0a0c0ec304d742ad41629240ef458701fc8501f84dc19c3302
mod_perl-devel-2.0.4-12.el6_10.s390x.rpm SHA-256: dc232258523a3805cdd38dadd22f46e3dee50602b0c3902f35748c1ec5e8f8dd

Red Hat Enterprise Linux for Power, big endian 6

SRPM
mod_perl-2.0.4-12.el6_10.src.rpm SHA-256: d1049dbfc456746028f0bfc05ccbf9d87014b0a4c775af18760e4b5b4d23386e
ppc64
mod_perl-2.0.4-12.el6_10.ppc64.rpm SHA-256: 0eb14d989c930ad00874a5fb49db3895cf7d2e70bade66ecc71d66b22258ab13
mod_perl-debuginfo-2.0.4-12.el6_10.ppc.rpm SHA-256: 6c9de2909cbc7ce6421e738454f54fe030511a9f0bc91e5d2a609497dbfac3e4
mod_perl-debuginfo-2.0.4-12.el6_10.ppc64.rpm SHA-256: 775fc69bb49280c8aa6f99c7b2550b9ed59cdfa50f7d2ae20520b7035a8688d1
mod_perl-debuginfo-2.0.4-12.el6_10.ppc64.rpm SHA-256: 775fc69bb49280c8aa6f99c7b2550b9ed59cdfa50f7d2ae20520b7035a8688d1
mod_perl-devel-2.0.4-12.el6_10.ppc.rpm SHA-256: ac76f12e5991688b318cb49223c4c712cc5746abf32623f89ff33dde66d45b7a
mod_perl-devel-2.0.4-12.el6_10.ppc64.rpm SHA-256: 9fa4cca1c5b298ebb3d402d41904c259525519200c8305bf7de54002a612e2c7

Red Hat Enterprise Linux for Scientific Computing 6

SRPM
mod_perl-2.0.4-12.el6_10.src.rpm SHA-256: d1049dbfc456746028f0bfc05ccbf9d87014b0a4c775af18760e4b5b4d23386e
x86_64
mod_perl-2.0.4-12.el6_10.x86_64.rpm SHA-256: eded399fc61d740ac724681c2ad31dcc1874bec1b6defcd16c8e4e11ee403bbe
mod_perl-debuginfo-2.0.4-12.el6_10.i686.rpm SHA-256: 936676f1f1f65dab69aab6c1e2dd2aaccb13c8d6ffcf7c00cc921b475f11894e
mod_perl-debuginfo-2.0.4-12.el6_10.x86_64.rpm SHA-256: 14afaa5929b9dc3ba20064f3633d84ea1567c6bd40d794da580edb59889c3f65
mod_perl-debuginfo-2.0.4-12.el6_10.x86_64.rpm SHA-256: 14afaa5929b9dc3ba20064f3633d84ea1567c6bd40d794da580edb59889c3f65
mod_perl-devel-2.0.4-12.el6_10.i686.rpm SHA-256: c6565e0f9be7e9a7628bb17236ec209f8091b822b884c44ee98889cbc2c28a6d
mod_perl-devel-2.0.4-12.el6_10.x86_64.rpm SHA-256: fc75ec3848129ba755f1d498f258a59e080e854a8ccfd9427b5abcd04f33f412

Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 6

SRPM
mod_perl-2.0.4-12.el6_10.src.rpm SHA-256: d1049dbfc456746028f0bfc05ccbf9d87014b0a4c775af18760e4b5b4d23386e
s390x
mod_perl-2.0.4-12.el6_10.s390x.rpm SHA-256: 07c501639db1b11b4c5a4fc500260715d8be741697cc79cf6184c7d8c07324aa
mod_perl-debuginfo-2.0.4-12.el6_10.s390.rpm SHA-256: 88beb9d091a07a978037627661714d4d34f30ccdfe533c9feba2235c18c3bfed
mod_perl-debuginfo-2.0.4-12.el6_10.s390x.rpm SHA-256: 8aa0798756be35edd64e12501eee36ca716f1ca67425195b0e538b6a15e3920a
mod_perl-debuginfo-2.0.4-12.el6_10.s390x.rpm SHA-256: 8aa0798756be35edd64e12501eee36ca716f1ca67425195b0e538b6a15e3920a
mod_perl-devel-2.0.4-12.el6_10.s390.rpm SHA-256: 159f921367948f0a0c0ec304d742ad41629240ef458701fc8501f84dc19c3302
mod_perl-devel-2.0.4-12.el6_10.s390x.rpm SHA-256: dc232258523a3805cdd38dadd22f46e3dee50602b0c3902f35748c1ec5e8f8dd

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2023 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter