Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2021:0486 - Security Advisory
Issued:
2021-02-11
Updated:
2021-02-11

RHSA-2021:0486 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Low: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP6 security update

Type/Severity

Security Advisory: Low

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

This release adds the new Apache HTTP Server 2.4.37 Service Pack 6 packages that are part of the JBoss Core Services offering.

This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 5 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.

Security fix(es):

  • openssl: EDIPARTYNAME NULL pointer de-reference (CVE-2020-1971)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat JBoss Core Services 1 for RHEL 7 x86_64

Fixes

  • BZ - 1903409 - CVE-2020-1971 openssl: EDIPARTYNAME NULL pointer de-reference

CVEs

  • CVE-2020-1971

References

  • https://access.redhat.com/security/updates/classification/#low
  • https://access.redhat.com/documentation/en-us/red_hat_jboss_core_services/2.4.37/
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat JBoss Core Services 1 for RHEL 7

SRPM
jbcs-httpd24-brotli-1.0.6-40.jbcs.el7.src.rpm SHA-256: fc9761766048ee04eb1cf10b7231f2a495b6edcb654e13127b144898e4d0e27c
jbcs-httpd24-httpd-2.4.37-66.jbcs.el7.src.rpm SHA-256: a1a2b3f3e318b08fef98aad581f8e39c7b40bd6f2bd1744a960d6955ca63da42
jbcs-httpd24-mod_cluster-native-1.3.14-16.Final_redhat_2.jbcs.el7.src.rpm SHA-256: 6457dc64d0ab669a45592cd658454d7eef620db45c5948c973254d97613e31f8
jbcs-httpd24-mod_http2-1.15.7-12.jbcs.el7.src.rpm SHA-256: 488702c0128da2f04a1614895c7fa816139f5c0efcae26bbc7b7693db8a91ac9
jbcs-httpd24-mod_jk-1.2.48-11.redhat_1.jbcs.el7.src.rpm SHA-256: ec2526ea88804b562020454f4cbe826386290cde211bb0e28ca69adf0ab4ba05
jbcs-httpd24-mod_md-2.0.8-31.jbcs.el7.src.rpm SHA-256: fa8d77e5d5b5b80f46fcea147613fc6563c811258cb8f96afbf874578ae15567
jbcs-httpd24-mod_security-2.9.2-58.GA.jbcs.el7.src.rpm SHA-256: d4e0fadbb3956912515729676510c4e26ac90f613c87be9dc918932b6c41649a
jbcs-httpd24-nghttp2-1.39.2-35.jbcs.el7.src.rpm SHA-256: 39d7960f51a9ee5672340d79fe82d40fd3452042bb7f62ef927552e71fba0609
jbcs-httpd24-openssl-1.1.1g-3.jbcs.el7.src.rpm SHA-256: 0d18dd72932f10bd161588440e03846c2d9b5b4098abf5887d38e55b17a21c72
jbcs-httpd24-openssl-chil-1.0.0-3.jbcs.el7.src.rpm SHA-256: 2c382e57553286ef804957a9dac19b3af8f48fd1d1740ef1382776a0c0b6be7d
jbcs-httpd24-openssl-pkcs11-0.4.10-18.jbcs.el7.src.rpm SHA-256: 0fae83a658982cf914c11b26f959967762fdba601374023840c50860370356c1
x86_64
jbcs-httpd24-brotli-1.0.6-40.jbcs.el7.x86_64.rpm SHA-256: 3aa82e40ecbfc182cb6e3983a0cec66b2e45fc811284a472ab2672cafebb5de5
jbcs-httpd24-brotli-debuginfo-1.0.6-40.jbcs.el7.x86_64.rpm SHA-256: b323ce0408f7fe23b080a778f32ea29ef130919fd9a36cfbdee553d3a2cdd8e0
jbcs-httpd24-brotli-devel-1.0.6-40.jbcs.el7.x86_64.rpm SHA-256: 21b0bb4b2160d119b6fb6b2fe569895535a16f468e7bc3864488c8e0166d67e8
jbcs-httpd24-httpd-2.4.37-66.jbcs.el7.x86_64.rpm SHA-256: 636201b6f1757bf9acf363a918b94b9f269c278e41ce204ac33e40db886c4451
jbcs-httpd24-httpd-debuginfo-2.4.37-66.jbcs.el7.x86_64.rpm SHA-256: 77b1e7622e2454b5c2b496c21308ecfadfa05b74d2270646c9edd4ca372d2210
jbcs-httpd24-httpd-devel-2.4.37-66.jbcs.el7.x86_64.rpm SHA-256: 93718348d55c23b7f0983c0f96312416e4aee3a359e305c2d2b54aabb546dc48
jbcs-httpd24-httpd-manual-2.4.37-66.jbcs.el7.noarch.rpm SHA-256: 851f0e2b8a9826844f0e81a6a1a0b1e7020070f84472e0fe5e9374f6d5562ca1
jbcs-httpd24-httpd-selinux-2.4.37-66.jbcs.el7.x86_64.rpm SHA-256: 8367b80ce9a21f89191065b3630c76961baa256dd70e4c2e587240430512ebdf
jbcs-httpd24-httpd-tools-2.4.37-66.jbcs.el7.x86_64.rpm SHA-256: 0c1bab7d837d01c6980fa62b31862abc85c8308d06b030ea1a86699762604408
jbcs-httpd24-mod_cluster-native-1.3.14-16.Final_redhat_2.jbcs.el7.x86_64.rpm SHA-256: 781ee644529be6a7d2b0205ac8d15bf266c2227f685ea0b979bb14caa9d8d55f
jbcs-httpd24-mod_cluster-native-debuginfo-1.3.14-16.Final_redhat_2.jbcs.el7.x86_64.rpm SHA-256: bda2b074afb40f81b589a06d961987208f4d90d06d0d1b4208b312f59b7134f8
jbcs-httpd24-mod_http2-1.15.7-12.jbcs.el7.x86_64.rpm SHA-256: 22c5349363f2a84aaba52bdd5333642224eb2660eb1861a1c428a4ee777abc7b
jbcs-httpd24-mod_http2-debuginfo-1.15.7-12.jbcs.el7.x86_64.rpm SHA-256: a060b299984a215af39ff2a56d4032292dedf6acc8dcbba61582323b6b12c30a
jbcs-httpd24-mod_jk-ap24-1.2.48-11.redhat_1.jbcs.el7.x86_64.rpm SHA-256: 5a229ade8e10d8d1c1d93d300da077f8d3c2b29877e88ea7386934034cd29ff6
jbcs-httpd24-mod_jk-debuginfo-1.2.48-11.redhat_1.jbcs.el7.x86_64.rpm SHA-256: 57b3e3e80196848cf8e3caf8158c9588a2f8c5622b1d7dddad35739d43efda9e
jbcs-httpd24-mod_jk-manual-1.2.48-11.redhat_1.jbcs.el7.x86_64.rpm SHA-256: 6c1847b3112dacbc7f42d302147f734b5b1cc23e66747106a4e9fb5b668fb4e2
jbcs-httpd24-mod_ldap-2.4.37-66.jbcs.el7.x86_64.rpm SHA-256: 1dfded0a947d1f396e3f77d066643ad5fd93f4cc5cd7a5e94e256b208abdc579
jbcs-httpd24-mod_md-2.0.8-31.jbcs.el7.x86_64.rpm SHA-256: 36f780a87221d4d48ebc7cbcf9cea0b4849ab9ffb5ecc7f96957f0e4e4bd9f36
jbcs-httpd24-mod_md-debuginfo-2.0.8-31.jbcs.el7.x86_64.rpm SHA-256: 0654d030b3b42b8507604309ef83649e3392cb6e73bbaa35c466a00af842d062
jbcs-httpd24-mod_proxy_html-2.4.37-66.jbcs.el7.x86_64.rpm SHA-256: eaf3d9f3f06e04fb4852ca85c37ea4ba6e3d484dc5738366e22be220d47385a4
jbcs-httpd24-mod_security-2.9.2-58.GA.jbcs.el7.x86_64.rpm SHA-256: e4ce523ff5e0541286bb460d27a548535e8a8a7a0c48a34f05fb49e07a841155
jbcs-httpd24-mod_security-debuginfo-2.9.2-58.GA.jbcs.el7.x86_64.rpm SHA-256: 6b8cb9a6f7f6918a9ad9e7f2d39b908d70b0b00460337337e388499a541a0fd5
jbcs-httpd24-mod_session-2.4.37-66.jbcs.el7.x86_64.rpm SHA-256: 38724d63594180f58a2a7c5d1453e1d9e8f70617282fd9e76e0ec8a62860da9a
jbcs-httpd24-mod_ssl-2.4.37-66.jbcs.el7.x86_64.rpm SHA-256: c4fb12e78ad6c97e2880f536ca72a1d7795c10a890aee3eddcc1f25718d55ea9
jbcs-httpd24-nghttp2-1.39.2-35.jbcs.el7.x86_64.rpm SHA-256: 2c6b097c0d6e954d128b42bc10851ff6feef5874991d804b7f5a3f00f03aef96
jbcs-httpd24-nghttp2-debuginfo-1.39.2-35.jbcs.el7.x86_64.rpm SHA-256: dad34980c8bf91e2bb8b4113bacf293f17d9713aa0a77973f53b8437945da486
jbcs-httpd24-nghttp2-devel-1.39.2-35.jbcs.el7.x86_64.rpm SHA-256: fd480168ee87c6433e81abc4340295df2a8d33449b0a65e96031c930fea79135
jbcs-httpd24-openssl-1.1.1g-3.jbcs.el7.x86_64.rpm SHA-256: f8fa9a12852edae94b45d5824f0b3266f13f6b55576f26a16adb2cf39389d688
jbcs-httpd24-openssl-chil-1.0.0-3.jbcs.el7.x86_64.rpm SHA-256: 065c3188d567e358b438a0fe4ace6674bbc7b87827946b5154409926342a85f6
jbcs-httpd24-openssl-chil-debuginfo-1.0.0-3.jbcs.el7.x86_64.rpm SHA-256: d8325eca67edee69517824e855d13a65580bca1c315602256751ba62794b70d1
jbcs-httpd24-openssl-debuginfo-1.1.1g-3.jbcs.el7.x86_64.rpm SHA-256: 4958cd2a0c82abab63c02c6ea24395ddb8996bafd0e55d2f1eb1e3f9227a6fef
jbcs-httpd24-openssl-devel-1.1.1g-3.jbcs.el7.x86_64.rpm SHA-256: e19e075cfd8350a61ad53f638296b5c0e6daaff9825689367518699a347d2ac5
jbcs-httpd24-openssl-libs-1.1.1g-3.jbcs.el7.x86_64.rpm SHA-256: 0d53cc349567d928c64fa6fb371004133947c3c9f0311e4552b48bf714547e17
jbcs-httpd24-openssl-perl-1.1.1g-3.jbcs.el7.x86_64.rpm SHA-256: b26d68cc7feff90ccf98d7c7dedfee16df631a512893ebd156e2aab02b77fe8d
jbcs-httpd24-openssl-pkcs11-0.4.10-18.jbcs.el7.x86_64.rpm SHA-256: bcc8e0f0798d1cef1d64acbff94f093089b2d1988ee24ea018dc26b39494df64
jbcs-httpd24-openssl-pkcs11-debuginfo-0.4.10-18.jbcs.el7.x86_64.rpm SHA-256: 538e2f0d5b892d33cf0007a06291995c7fa5ddd4c9f7431de1959a85edd4d15d
jbcs-httpd24-openssl-static-1.1.1g-3.jbcs.el7.x86_64.rpm SHA-256: 946baa8afec5fd1c0492a5757abd40c078e7434b890bacef4f3c1b67adad990a

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat, Inc.

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility