(RHSA-2011:1245) Important: httpd security update

2011-08-31T04:00:00
ID RHSA-2011:1245
Type redhat
Reporter RedHat
Modified 2018-06-06T20:24:16

Description

The Apache HTTP Server is a popular web server.

A flaw was found in the way the Apache HTTP Server handled Range HTTP headers. A remote attacker could use this flaw to cause httpd to use an excessive amount of memory and CPU time via HTTP requests with a specially-crafted Range header. (CVE-2011-3192)

All httpd users should upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.