httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update

🗓️ 25 Jan 2022 17:31:14Reported by CentOS ProjectType

centos

centos🔗 lists.centos.org👁 693 Views

httpd, mod_ldap, mod_proxy_html, mod_session, mod_ssl security update. CentOS CESA-2022:014

Reporter	Title	Published	Views	Family All 648
IBM Security Bulletins	Security Bulletin: Vulnerability in IBM HTTP Server used by WebSphere Application Server shipped with IBM Security Access Manager for Enterprise Single Sign-On (CVE-2021-39275)	1 Oct 202102:49	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities are addressed with IBM Business Automation Manager Open Editions 9.0.1	16 Nov 202315:21	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Network Manager IP Edition (CVE-2021-39275)	18 Oct 202106:25	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2021-39275, CVE-2021-40438, CVE-2021-34798)	8 Nov 202104:06	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in IBM HTTP Server used by WebSphere Application Server	29 Sep 202119:33	–	ibm
IBM Security Bulletins	Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for IBM Tivoli Network Manager IP Edition (CVE-2021-44790, CVE-2021-44224)	1 Apr 202210:32	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Rational Build Forge is affected by Apache HTTP Server version used in it. (CVE-2021-44790)	2 Mar 202214:54	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been identified in IBM HTTP Server shipped with IBM Rational ClearCase (CVE-2021-44790, CVE-2021-44224)	16 Mar 202208:32	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Apache HTTP (CVE-2021-34798 and CVE-2021-39275) affects Power HMC	30 May 202211:54	–	ibm
IBM Security Bulletins	Security Bulletin: Apache HTTP Server as used by IBM QRadar SIEM is vulnerable to buffer overflow and denial of service (CVE-2021-44790, CVE-2021-34798, CVE-2021-39275)	28 Feb 202217:37	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
CentOS	7	x86_64	httpd	2.4.6-97.el7.centos.4	httpd-2.4.6-97.el7.centos.4.x86_64.rpm
CentOS	7	x86_64	httpd-devel	2.4.6-97.el7.centos.4	httpd-devel-2.4.6-97.el7.centos.4.x86_64.rpm
CentOS	7	noarch	httpd-manual	2.4.6-97.el7.centos.4	httpd-manual-2.4.6-97.el7.centos.4.noarch.rpm
CentOS	7	x86_64	httpd-tools	2.4.6-97.el7.centos.4	httpd-tools-2.4.6-97.el7.centos.4.x86_64.rpm
CentOS	7	x86_64	mod_ldap	2.4.6-97.el7.centos.4	mod_ldap-2.4.6-97.el7.centos.4.x86_64.rpm
CentOS	7	x86_64	mod_proxy_html	2.4.6-97.el7.centos.4	mod_proxy_html-2.4.6-97.el7.centos.4.x86_64.rpm
CentOS	7	x86_64	mod_session	2.4.6-97.el7.centos.4	mod_session-2.4.6-97.el7.centos.4.x86_64.rpm
CentOS	7	x86_64	mod_ssl	2.4.6-97.el7.centos.4	mod_ssl-2.4.6-97.el7.centos.4.x86_64.rpm

Source	Link
twitter	www.twitter.com/centos
steadfast	www.steadfast.net/
linkedin	www.linkedin.com/groups/22405
youtube	www.youtube.com/TheCentOSProject
facebook	www.facebook.com/groups/centosproject/
reddit	www.reddit.com/r/CentOS/
access	www.access.redhat.com/errata/RHSA-2022:0143

25 Jan 2022 17:31Current

7.4High risk

Vulners AI Score7.4

CVSS 27.5

CVSS 3.19.8

EPSS0.86227

apache http server buffer overflow heap overflow null pointer out-of-bounds write security advisory mod_lua mod_session mod_ssl mod_ldap