Issued:: 2025-09-02
Updated:: 2025-09-02

RHSA-2025:15036 - Security Advisory

Overview
Updated Packages

Synopsis

Moderate: httpd security update

Type/Severity

Security Advisory: Moderate

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for httpd is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

Security Fix(es):

httpd: HTTP Session Hijack via a TLS upgrade (CVE-2025-49812)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 x86_64
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6 i386
Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6 s390x

Fixes

BZ - 2374580 - CVE-2025-49812 httpd: HTTP Session Hijack via a TLS upgrade

CVEs

CVE-2025-49812

References

https://access.redhat.com/security/updates/classification/#moderate

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension 6

SRPM
httpd-2.2.15-71.el6_10.1.src.rpm	SHA-256: fad28ff1b0c98d3fb439b891a09ee0193fc3f5f69c8ec83c1b55713e31c11e80
x86_64
httpd-2.2.15-71.el6_10.1.x86_64.rpm	SHA-256: 57026eb82660b01f86b5a2d041f6c3cad27cfcdabd9d54ce21402aabeb52aa14
httpd-debuginfo-2.2.15-71.el6_10.1.i686.rpm	SHA-256: 8499e08b3c3328f7b084e59d307b49c07da9b38d961b76f2f4c2d1a3e12854c9
httpd-debuginfo-2.2.15-71.el6_10.1.x86_64.rpm	SHA-256: 99feba61b78c0428da602f288a4c09fc2841b42dfaf307d85499b37211dcba09
httpd-devel-2.2.15-71.el6_10.1.i686.rpm	SHA-256: 23e369a5c81d67c0129fdbf6ae62b2e8350c38b330238ca55b43281e0dd00341
httpd-devel-2.2.15-71.el6_10.1.x86_64.rpm	SHA-256: 1a28af92673147cd042a4a756730575ba0f72491eff686e84be7596e88421b7b
httpd-manual-2.2.15-71.el6_10.1.noarch.rpm	SHA-256: 059c45bdb330281fe8cd682ba992339ce913be3f7c93eddb3abf2cf6ea6606b1
httpd-tools-2.2.15-71.el6_10.1.x86_64.rpm	SHA-256: 133ff6163689d2cae06d142257e67464bd35994ceae2b3f92f3e71333debdd99
mod_ssl-2.2.15-71.el6_10.1.x86_64.rpm	SHA-256: 400090832dba5be4f450a9bd7b7d746efea602b71a2621ef75aef20f269a1531
i386
httpd-2.2.15-71.el6_10.1.i686.rpm	SHA-256: 1047bcbde77b6727946999dbc619f51a633602692fd541eaffc7f79f184d5e75
httpd-debuginfo-2.2.15-71.el6_10.1.i686.rpm	SHA-256: 8499e08b3c3328f7b084e59d307b49c07da9b38d961b76f2f4c2d1a3e12854c9
httpd-devel-2.2.15-71.el6_10.1.i686.rpm	SHA-256: 23e369a5c81d67c0129fdbf6ae62b2e8350c38b330238ca55b43281e0dd00341
httpd-manual-2.2.15-71.el6_10.1.noarch.rpm	SHA-256: 059c45bdb330281fe8cd682ba992339ce913be3f7c93eddb3abf2cf6ea6606b1
httpd-tools-2.2.15-71.el6_10.1.i686.rpm	SHA-256: 7d3bfcdb701b517aca182fbc3aaea0ea6db18654754a9177e76243131dc24a3a
mod_ssl-2.2.15-71.el6_10.1.i686.rpm	SHA-256: 8e42180d3e8c0f8df1ea1ff03553a30c8d5d99ecf58722b71962523708691277

Red Hat Enterprise Linux Server - Extended Life Cycle Support Extension (for IBM z Systems) 6

SRPM
httpd-2.2.15-71.el6_10.1.src.rpm	SHA-256: fad28ff1b0c98d3fb439b891a09ee0193fc3f5f69c8ec83c1b55713e31c11e80
s390x
httpd-2.2.15-71.el6_10.1.s390x.rpm	SHA-256: 9ad273e956973c7fffda32a5754884e3d52536cb399f706628058f4df14edf4c
httpd-debuginfo-2.2.15-71.el6_10.1.s390.rpm	SHA-256: 8dfd170eecf96567b78bd1d8ee64a8c376c400c625264262c4b20609903ed7d1
httpd-debuginfo-2.2.15-71.el6_10.1.s390x.rpm	SHA-256: 184009bf636604a8f33c6745993a275c3c9ff326d5d1f3ed860da5632230fca1
httpd-devel-2.2.15-71.el6_10.1.s390.rpm	SHA-256: f35c4dd7035b77fe47ff5a9ab1763136d672cdf20cfe8a879a86bb48a1c01ee6
httpd-devel-2.2.15-71.el6_10.1.s390x.rpm	SHA-256: f616b8fdfd7e7a53162b961f1d6724d0b640da9a56da3d7e7cf2f82c2eead7b4
httpd-manual-2.2.15-71.el6_10.1.noarch.rpm	SHA-256: 059c45bdb330281fe8cd682ba992339ce913be3f7c93eddb3abf2cf6ea6606b1
httpd-tools-2.2.15-71.el6_10.1.s390x.rpm	SHA-256: 7f9d7eb8e0a059a4706a18367601b1a27fa1a6ab1db20759913224180f8a16f2
mod_ssl-2.2.15-71.el6_10.1.s390x.rpm	SHA-256: 1505e2d498b98168a9a3733f8ec9738db54bf86ea5a108053a148e3864431d8b

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation