Issued:: 2024-09-11
Updated:: 2024-09-11

RHSA-2024:6584 - Security Advisory

Overview
Updated Packages

Synopsis

Important: httpd security update

Type/Severity

Security Advisory: Important

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for httpd is now available for Red Hat Enterprise Linux 7.7 Advanced Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

Security Fix(es):

httpd: Security issues via?backend applications whose response headers are malicious or exploitable (CVE-2024-38476)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - AUS 7.7 x86_64

Fixes

BZ - 2295015 - CVE-2024-38476 httpd: Security issues via?backend applications whose response headers are malicious or exploitable

CVEs

CVE-2024-38476

References

https://access.redhat.com/security/updates/classification/#important

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - AUS 7.7

SRPM
httpd-2.4.6-90.el7_7.5.src.rpm	SHA-256: fa0287c97893baea9d42e7323dd8be804542ef2e7e404d6ff7cedbc575650617
x86_64
httpd-2.4.6-90.el7_7.5.x86_64.rpm	SHA-256: 8bf6c2961b25f18bdecca774fa5209e8a60086ebb6ebd020e93f869ddca2dffc
httpd-debuginfo-2.4.6-90.el7_7.5.x86_64.rpm	SHA-256: 8c652cfa751968ac4c2256db258a94296926f4d955527c12c8ad0d31b7cf083b
httpd-debuginfo-2.4.6-90.el7_7.5.x86_64.rpm	SHA-256: 8c652cfa751968ac4c2256db258a94296926f4d955527c12c8ad0d31b7cf083b
httpd-devel-2.4.6-90.el7_7.5.x86_64.rpm	SHA-256: e7a11e0563b438bce0bbc94d3a9a8a39365dd6a057bb0e91d994bde861103687
httpd-manual-2.4.6-90.el7_7.5.noarch.rpm	SHA-256: 336e68a32a1ecc9d6a419c77046596f0709b9269c063731bce23fdbb238a4ea1
httpd-tools-2.4.6-90.el7_7.5.x86_64.rpm	SHA-256: 9e22720d0f461c275f4f32fab6105663ee771863ccec3be840c90c83d6bfd931
mod_ldap-2.4.6-90.el7_7.5.x86_64.rpm	SHA-256: 9b59bd4cae022d153e564390e8dbf631d397ff1d7f4e8ea4eee2056395b13f3a
mod_proxy_html-2.4.6-90.el7_7.5.x86_64.rpm	SHA-256: bb2d93002ae6c3f3b8a2d249d964f2b4a6b9b5ee4088fc13b561708e4168c05f
mod_session-2.4.6-90.el7_7.5.x86_64.rpm	SHA-256: c084b214d9345e430fea4e92e4d4e6b5d4e2613c560e77b33f6b0e1b19406151
mod_ssl-2.4.6-90.el7_7.5.x86_64.rpm	SHA-256: e123488b15aab561d918152eb7c1b447cd63d6c5c294ced268b93b41f6b8e420

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation