- Issued:
- 2024-09-25
- Updated:
- 2024-09-25
RHSA-2024:7101 - Security Advisory
Synopsis
Important: httpd security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
An update for httpd is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 7-ELS Release Notes linked from the References section.
Solution
For details on how to apply this update, which includes the changes described in this advisory, refer to:
Affected Products
- Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 x86_64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 s390x
- Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 ppc64
- Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 ppc64le
Fixes
- BZ - 2295015 - CVE-2024-38476 httpd: Security issues via?backend applications whose response headers are malicious or exploitable
CVEs
Red Hat Enterprise Linux Server - Extended Life Cycle Support 7
SRPM | |
---|---|
httpd-2.4.6-99.el7_9.3.src.rpm | SHA-256: 5898a1556c95b335b27c847437ec420a1b75f34d3be0250117ac112e6dc26c73 |
x86_64 | |
httpd-2.4.6-99.el7_9.3.x86_64.rpm | SHA-256: 5bec6c2723aaa87cdf5c26dd2d825b71fe3afeadaa8a520fcaca673938d13f36 |
httpd-debuginfo-2.4.6-99.el7_9.3.x86_64.rpm | SHA-256: 7038324a2c944655d4e03492fedbeae257543f15dca5f614deb1a1aa0acc3928 |
httpd-debuginfo-2.4.6-99.el7_9.3.x86_64.rpm | SHA-256: 7038324a2c944655d4e03492fedbeae257543f15dca5f614deb1a1aa0acc3928 |
httpd-devel-2.4.6-99.el7_9.3.x86_64.rpm | SHA-256: 345b4682ecc63e3ad9a3f280f3d69aea9e35bd3cb122161b5dfa341847402929 |
httpd-manual-2.4.6-99.el7_9.3.noarch.rpm | SHA-256: f157598b92bebe21f58cdb3610d4516adce011ac91aca78d7c64505ade53b845 |
httpd-tools-2.4.6-99.el7_9.3.x86_64.rpm | SHA-256: 94953251bed5dd6cb5f011111fa2c874ce79eb25767215f6ba9ee6f8859b183e |
mod_ldap-2.4.6-99.el7_9.3.x86_64.rpm | SHA-256: 47ffd009703081488ddccf4d15f760704cacc17a64c9c21f3a5962df6e523bd2 |
mod_proxy_html-2.4.6-99.el7_9.3.x86_64.rpm | SHA-256: d71251dd09f0f04274005bd216c8abb697406c92f4ba58bf925d833d71233dfd |
mod_session-2.4.6-99.el7_9.3.x86_64.rpm | SHA-256: b103b639226ecb3c59400e69e075cfb1fb342f38aa64946f2bb85885743e3c10 |
mod_ssl-2.4.6-99.el7_9.3.x86_64.rpm | SHA-256: d65d715d7aca8380252b51af8f551fb301be0b456586e4a8bfd23fb583226ede |
Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7
SRPM | |
---|---|
httpd-2.4.6-99.el7_9.3.src.rpm | SHA-256: 5898a1556c95b335b27c847437ec420a1b75f34d3be0250117ac112e6dc26c73 |
s390x | |
httpd-2.4.6-99.el7_9.3.s390x.rpm | SHA-256: d3aee779d5e519c05eeba2a8a0b60dc11278ab0025fe40aec2340b2d6a059a09 |
httpd-debuginfo-2.4.6-99.el7_9.3.s390x.rpm | SHA-256: 1e0cadc65641fc1b372c620facf0446aaaf49188f4f91a976357de4180481aa4 |
httpd-debuginfo-2.4.6-99.el7_9.3.s390x.rpm | SHA-256: 1e0cadc65641fc1b372c620facf0446aaaf49188f4f91a976357de4180481aa4 |
httpd-devel-2.4.6-99.el7_9.3.s390x.rpm | SHA-256: a7db7bda24bc4eb13d1248cb3c37f996151cc72c175e052418a43ba387950c90 |
httpd-manual-2.4.6-99.el7_9.3.noarch.rpm | SHA-256: f157598b92bebe21f58cdb3610d4516adce011ac91aca78d7c64505ade53b845 |
httpd-tools-2.4.6-99.el7_9.3.s390x.rpm | SHA-256: 1bb9936c9bca95c638bde45d16ce653f104aacc93b9f2b202d0dd7c536007ed5 |
mod_ldap-2.4.6-99.el7_9.3.s390x.rpm | SHA-256: c34226b60941fabd8b58f85ec1623d0f7c024caa6b364222971599847a296f5e |
mod_proxy_html-2.4.6-99.el7_9.3.s390x.rpm | SHA-256: 34b83c4a89c0afab4e95e6306d31dfef499a6154dd5964acf03c6718fe5c39ee |
mod_session-2.4.6-99.el7_9.3.s390x.rpm | SHA-256: 88d9606ee8f014641b62dc44fd8a2cf1b0c0079127f98b88cadf94299a1b4291 |
mod_ssl-2.4.6-99.el7_9.3.s390x.rpm | SHA-256: 1a1da156a7fa894e19f842e61ea0c392e6c9f20af7a5662be51e337e98b817c9 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7
SRPM | |
---|---|
httpd-2.4.6-99.el7_9.3.src.rpm | SHA-256: 5898a1556c95b335b27c847437ec420a1b75f34d3be0250117ac112e6dc26c73 |
ppc64 | |
httpd-2.4.6-99.el7_9.3.ppc64.rpm | SHA-256: 1d48bf2534dbab05a643e148a6f0d29750416f7e6d4b122622f64f03aaedba25 |
httpd-debuginfo-2.4.6-99.el7_9.3.ppc64.rpm | SHA-256: 92cf927d0ec883886fc19a4cb8e326d655909cd86d924ef218a4a22389571650 |
httpd-debuginfo-2.4.6-99.el7_9.3.ppc64.rpm | SHA-256: 92cf927d0ec883886fc19a4cb8e326d655909cd86d924ef218a4a22389571650 |
httpd-devel-2.4.6-99.el7_9.3.ppc64.rpm | SHA-256: d536f3bafc2c84c1df1629ff616b34c944c75cc8ff3641ca7e9ceac9d0912dea |
httpd-manual-2.4.6-99.el7_9.3.noarch.rpm | SHA-256: f157598b92bebe21f58cdb3610d4516adce011ac91aca78d7c64505ade53b845 |
httpd-tools-2.4.6-99.el7_9.3.ppc64.rpm | SHA-256: c9975d4eb7bcee0efff0193d5ed24c05c01a51eced29a9e4afea168af273c6a2 |
mod_ldap-2.4.6-99.el7_9.3.ppc64.rpm | SHA-256: 20d8f16a41e9ba9396bfc40851a43568a2c433b9cfc3ea85d4bc6d5037b4e234 |
mod_proxy_html-2.4.6-99.el7_9.3.ppc64.rpm | SHA-256: 2fa8e7d6e606c184ffef807fc2a7d7a7a01b3e13c0cbb05b504d7951bf31a76d |
mod_session-2.4.6-99.el7_9.3.ppc64.rpm | SHA-256: 78a4eedb70ade4a86b0264c8d55821fb093b07ce14503bdd317e917a23805f8b |
mod_ssl-2.4.6-99.el7_9.3.ppc64.rpm | SHA-256: 2aaacf0fbb7a1cc7664cbc84a139301cfdbe917ec21ee9ec9f97c25c61a5df42 |
Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7
SRPM | |
---|---|
httpd-2.4.6-99.el7_9.3.src.rpm | SHA-256: 5898a1556c95b335b27c847437ec420a1b75f34d3be0250117ac112e6dc26c73 |
ppc64le | |
httpd-2.4.6-99.el7_9.3.ppc64le.rpm | SHA-256: 4cd0972d46e4f095f742a58f526dde033866c0d0096a5c20770f2812149955e3 |
httpd-debuginfo-2.4.6-99.el7_9.3.ppc64le.rpm | SHA-256: 204f51783e992c15ef65359ee914ff711a2a5987393a420d800321c0a9bc8c3f |
httpd-debuginfo-2.4.6-99.el7_9.3.ppc64le.rpm | SHA-256: 204f51783e992c15ef65359ee914ff711a2a5987393a420d800321c0a9bc8c3f |
httpd-devel-2.4.6-99.el7_9.3.ppc64le.rpm | SHA-256: 519de5b059fb8f336ff9c8de7b838ec351d1ffa35d8f67ab5565ce493c583a4a |
httpd-manual-2.4.6-99.el7_9.3.noarch.rpm | SHA-256: f157598b92bebe21f58cdb3610d4516adce011ac91aca78d7c64505ade53b845 |
httpd-tools-2.4.6-99.el7_9.3.ppc64le.rpm | SHA-256: bc6903e3965c54f235c04cd786e4f3d4dae981212900aa62155c326e0fd6fef5 |
mod_ldap-2.4.6-99.el7_9.3.ppc64le.rpm | SHA-256: c0ed3f99e2acd14b0fb8fb2b93970466382a3a5ba510de6393ece7670523e90f |
mod_proxy_html-2.4.6-99.el7_9.3.ppc64le.rpm | SHA-256: 8274d1a66ca1592bf1da0db8e6bffe71017b0d2b10baca79caab68adc460c9bc |
mod_session-2.4.6-99.el7_9.3.ppc64le.rpm | SHA-256: 985703b29f4fc5448f494f6ff5beef1ab7bca22fda85e24ca9f362041615959e |
mod_ssl-2.4.6-99.el7_9.3.ppc64le.rpm | SHA-256: 6b38399c9029bc920282d624795bd2d667ea869198425e88c17d7f87cf85c5ab |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.