Lucene search
Rockylinux Product ErrataRLSA-2024:2564HistoryMay 10, 2024 - 2:32 p.m.
mod_http2 security update
2024-05-1014:32:42
Rockylinux Product Errata
errata.rockylinux.org
6
mod_http2
security update
rocky linux 9
cvss score
http2 protocol
dos
cve page
An update is available for mod_http2.
This update affects Rocky Linux 9.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers.
Security Fix(es):
- mod_http2: httpd: CONTINUATION frames DoS (CVE-2024-27316)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| rocky | 9 | aarch64 | mod_http2 | < 2.0.26-2.el9_4 | mod_http2-0:2.0.26-2.el9_4.aarch64.rpm |
| rocky | 9 | ppc64le | mod_http2 | < 2.0.26-2.el9_4 | mod_http2-0:2.0.26-2.el9_4.ppc64le.rpm |
| rocky | 9 | s390x | mod_http2 | < 2.0.26-2.el9_4 | mod_http2-0:2.0.26-2.el9_4.s390x.rpm |
| rocky | 9 | x86_64 | mod_http2 | < 2.0.26-2.el9_4 | mod_http2-0:2.0.26-2.el9_4.x86_64.rpm |
| rocky | 9 | aarch64 | mod_http2-debuginfo | < 2.0.26-2.el9_4 | mod_http2-debuginfo-0:2.0.26-2.el9_4.aarch64.rpm |
| rocky | 9 | ppc64le | mod_http2-debuginfo | < 2.0.26-2.el9_4 | mod_http2-debuginfo-0:2.0.26-2.el9_4.ppc64le.rpm |
| rocky | 9 | s390x | mod_http2-debuginfo | < 2.0.26-2.el9_4 | mod_http2-debuginfo-0:2.0.26-2.el9_4.s390x.rpm |
| rocky | 9 | x86_64 | mod_http2-debuginfo | < 2.0.26-2.el9_4 | mod_http2-debuginfo-0:2.0.26-2.el9_4.x86_64.rpm |
| rocky | 9 | aarch64 | mod_http2-debugsource | < 2.0.26-2.el9_4 | mod_http2-debugsource-0:2.0.26-2.el9_4.aarch64.rpm |
| rocky | 9 | ppc64le | mod_http2-debugsource | < 2.0.26-2.el9_4 | mod_http2-debugsource-0:2.0.26-2.el9_4.ppc64le.rpm |
Related
nessus
nessus
RHEL 8 : httpd:2.4/mod_http2 (RHSA-2024:1786)
2024-04-11 00:00:00
Oracle Linux 8 : httpd:2.4/mod_http2 (ELSA-2024-1786)
2024-04-13 00:00:00
Amazon Linux AMI : httpd24 (ALAS-2024-1931)
2024-04-29 00:00:00
osv
osv
CVE-2024-27316
2024-04-04 20:15:08
Important: httpd:2.4/mod_http2 security update
2024-05-06 13:04:21
Important: httpd:2.4/mod_http2 security update
2024-04-11 00:00:00
redos
redos
ROS-20240425-01
2024-04-25 00:00:00
veracode
veracode
Memory Exhaustion
2024-04-10 19:25:29
redhat
redhat
(RHSA-2024:1872) Important: mod_http2 security update
2024-04-18 00:58:11
(RHSA-2024:3417) Moderate: mod_http2 security update
2024-05-28 13:04:17
(RHSA-2024:3402) Moderate: mod_http2 security update
2024-05-28 12:59:28
debiancve
debiancve
CVE-2024-27316
2024-04-04 20:15:08
rocky
rocky
httpd:2.4/mod_http2 security update
2024-05-06 13:04:21
almalinux
almalinux
Moderate: mod_http2 security update
2024-04-30 00:00:00
Important: httpd:2.4/mod_http2 security update
2024-04-11 00:00:00
Important: mod_http2 security update
2024-04-18 00:00:00
githubexploit
githubexploit
Exploit for CVE-2024-27316
2024-04-17 20:08:05
Exploit for CVE-2024-27316
2024-04-09 08:08:07
oraclelinux
oraclelinux
mod_http2 security update
2024-04-18 00:00:00
httpd:2.4/mod_http2 security update
2024-04-11 00:00:00
mod_http2 security update
2024-05-07 00:00:00
amazon
amazon
Important: mod_http2
2024-04-24 22:15:00
Important: httpd24
2024-04-25 16:04:00
ubuntucve
ubuntucve
CVE-2024-27316
2024-03-27 00:00:00
hackerone
hackerone
f5
f5
K000139214 : Apache httpd vulnerability CVE-2024-27316
2024-04-08 00:00:00
cbl_mariner
cbl_mariner
CVE-2024-27316 affecting package httpd for versions less than 2.4.59-1
2024-05-06 17:48:02
fedora
fedora
[SECURITY] Fedora 39 Update: mod_http2-2.0.27-1.fc39
2024-04-21 01:20:22
[SECURITY] Fedora 38 Update: mod_http2-2.0.27-1.fc38
2024-04-21 02:57:21
[SECURITY] Fedora 40 Update: mod_http2-2.0.27-1.fc40
2024-04-21 01:08:56
cvelist
cvelist
cve
cve
CVE-2024-27316
2024-04-04 20:15:08
redhatcve
redhatcve
CVE-2024-27316
2024-04-03 19:27:03
ibm
ibm
Security Bulletin: IBM Aspera Console has addressed a denial of service vulnerability (CVE-2024-27316)
2024-05-29 21:22:20
alpinelinux
alpinelinux
CVE-2024-27316
2024-04-04 20:15:08
slackware
slackware
[slackware-security] httpd
2024-04-04 19:16:44
ubuntu
ubuntu
Apache HTTP Server vulnerabilities
2024-04-17 00:00:00
Apache HTTP Server vulnerabilities
2024-04-29 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6729-3)
2024-04-30 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:1627-1)
2024-05-14 00:00:00
Ubuntu: Security Advisory (USN-6729-1)
2024-04-12 00:00:00
freebsd
freebsd
Apache httpd -- multiple vulnerabilities
2024-04-04 00:00:00
mageia
mageia
Updated apache packages fix security vulnerabilities
2024-04-10 07:03:52
arista
arista
Security Advisory 0094
2024-04-05 00:00:00
cert
cert
HTTP/2 CONTINUATION frames can be utilized for DoS attacks
2024-04-03 00:00:00
thn
thn
New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks
2024-04-04 11:15:00