5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.467 Medium
EPSS
Percentile
97.4%
CentOS Errata and Security Advisory CESA-2015:0325
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and
extensible web server.
A flaw was found in the way httpd handled HTTP Trailer headers when processing
requests using chunked encoding. A malicious client could use Trailer headers to
set additional HTTP headers after header processing was performed by other
modules. This could, for example, lead to a bypass of header restrictions
defined with mod_headers. (CVE-2013-5704)
A NULL pointer dereference flaw was found in the way the mod_cache httpd module
handled Content-Type headers. A malicious HTTP server could cause the httpd
child process to crash when the Apache HTTP server was configured to proxy to a
server with caching enabled. (CVE-2014-3581)
This update also fixes the following bugs:
Previously, the mod_proxy_fcgi Apache module always kept the back-end
connections open even when they should have been closed. As a consequence, the
number of open file descriptors was increasing over the time. With this update,
mod_proxy_fcgi has been fixed to check the state of the back-end connections,
and it closes the idle back-end connections as expected. (BZ#1168050)
An integer overflow occurred in the ab utility when a large request count was
used. Consequently, ab terminated unexpectedly with a segmentation fault while
printing statistics after the benchmark. This bug has been fixed, and ab no
longer crashes in this scenario. (BZ#1092420)
Previously, when httpd was running in the foreground and the user pressed
Ctrl+C to interrupt the httpd processes, a race condition in signal handling
occurred. The SIGINT signal was sent to all children followed by SIGTERM from
the main process, which interrupted the SIGINT handler. Consequently, the
affected processes became unresponsive or terminated unexpectedly. With this
update, the SIGINT signals in the child processes are ignored, and httpd no
longer hangs or crashes in this scenario. (BZ#1131006)
In addition, this update adds the following enhancements:
With this update, the mod_proxy module of the Apache HTTP Server supports the
Unix Domain Sockets (UDS). This allows mod_proxy back ends to listen on UDS
sockets instead of TCP sockets, and as a result, mod_proxy can be used to
connect UDS back ends. (BZ#1168081)
This update adds support for using the SetHandler directive together with the
mod_proxy module. As a result, it is possible to configure SetHandler to use
proxy for incoming requests, for example, in the following format: SetHandler
โproxy:fcgi://127.0.0.1:9000โ. (BZ#1136290)
The htaccess API changes introduced in httpd 2.4.7 have been backported to
httpd shipped with Red Hat Enterprise Linux 7.1. These changes allow for the
MPM-ITK module to be compiled as an httpd module. (BZ#1059143)
All httpd users are advised to upgrade to these updated packages, which contain
backported patches to correct these issues and add these enhancements. After
installing the updated packages, the httpd daemon will be restarted
automatically.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-cr-announce/2015-March/027854.html
Affected packages:
httpd
httpd-devel
httpd-manual
httpd-tools
mod_ldap
mod_proxy_html
mod_session
mod_ssl
Upstream details at:
https://access.redhat.com/errata/RHSA-2015:0325
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 7 | x86_64 | httpd | <ย 2.4.6-31.el7.centos | httpd-2.4.6-31.el7.centos.x86_64.rpm |
CentOS | 7 | x86_64 | httpd-devel | <ย 2.4.6-31.el7.centos | httpd-devel-2.4.6-31.el7.centos.x86_64.rpm |
CentOS | 7 | noarch | httpd-manual | <ย 2.4.6-31.el7.centos | httpd-manual-2.4.6-31.el7.centos.noarch.rpm |
CentOS | 7 | x86_64 | httpd-tools | <ย 2.4.6-31.el7.centos | httpd-tools-2.4.6-31.el7.centos.x86_64.rpm |
CentOS | 7 | x86_64 | mod_ldap | <ย 2.4.6-31.el7.centos | mod_ldap-2.4.6-31.el7.centos.x86_64.rpm |
CentOS | 7 | x86_64 | mod_proxy_html | <ย 2.4.6-31.el7.centos | mod_proxy_html-2.4.6-31.el7.centos.x86_64.rpm |
CentOS | 7 | x86_64 | mod_session | <ย 2.4.6-31.el7.centos | mod_session-2.4.6-31.el7.centos.x86_64.rpm |
CentOS | 7 | x86_64 | mod_ssl | <ย 2.4.6-31.el7.centos | mod_ssl-2.4.6-31.el7.centos.x86_64.rpm |