Fedora Update for mod_http2 FEDORA-2018-6ffb18592f

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 28 Update: mod_http2-1.11.1-1.fc28

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers...

[slackware-security] httpd

New httpd packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/httpd-2.4.34-i586-1slack14.2.txz: Upgraded. This update fixes two denial of service issues: modmd: DoS via Coredumps on...

Fedora Update for mod_http2 FEDORA-2018-63de5f3f6b

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 26 : mod_http2 (2018-63de5f3f6b)

This release includes the latest stable upstream release of modhttp2. The changes since the last update are : - fixes a race condition where aborting streams triggers an unnecessary timeout. - accurate reporting of h2 data input/output per request via modlogio. Fixes an issue where output sizes...

[SECURITY] Fedora 26 Update: mod_http2-1.10.18-1.fc26

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers...

Fedora 27 : mod_http2 (2018-0a95bff197)

This update includes the latest upstream release of modhttp2, version 1.10.16. This includes a security fix CVE-2018-1302 : When an HTTP/2 stream was destroyed after being handled, modhttp2 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by th...

Fedora Update for mod_http2 FEDORA-2018-0a95bff197

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 27 Update: mod_http2-1.10.16-1.fc27

The modh2 Apache httpd module implements the HTTP2 protocol h2+h2c on top of libnghttp2 for httpd 2.4 servers...

FreeBSD : apache -- multiple vulnerabilities (f38187e7-2f6e-11e8-8f07-b499baebfeaf)

The Apache httpd reports : Out of bound write in modauthnzldap with AuthLDAPCharsetConfig enabled CVE-2017-15710 modsession: CGI-like applications that intend to read from modsession's 'SessionEnv ON' could be fooled into reading user-supplied data instead. CVE-2018-1283 modcachesocache: Fix...

apache -- multiple vulnerabilities

The Apache httpd reports: Out of bound write in modauthnzldap with AuthLDAPCharsetConfig enabled CVE-2017-15710 modsession: CGI-like applications that intend to read from modsession's 'SessionEnv ON' could be fooled into reading user-supplied data instead. CVE-2018-1283 modcachesocache: Fix reque...

Apache HTTPD mod_http2 Null Pointer Dereference (CVE-2017-7659)

A null pointer dereference vulnerability exists in the modhttp2 module of Apache HTTPD. This vulnerability is due to improper handling of HTTP requests. A remote, unauthenticated attacker could exploit these vulnerability by sending maliciously crafted HTTP request to the affected server...

httpd: mod_http2 NULL pointer dereference

A NULL pointer dereference flaw was found in the modhttp2 module of httpd. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP/2 request...

Important: Red Hat Security Advisory: httpd24-httpd security update

An update for httpd24-httpd is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...

Amazon Linux AMI : httpd24 (ALAS-2017-863)

apfindtoken buffer overread : A buffer over-read flaw was found in the httpd's apfindtoken function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. CVE-2017-7668 Apache HTTP Request Parsing Whitespace Defects : It was discovered...

CVE-2017-7659

A maliciously constructed HTTP/2 request could cause modhttp2 in Apache HTTP Server 2.4.24, 2.4.25 to dereference a NULL pointer and crash the server process...

CVE-2017-7659

A maliciously constructed HTTP/2 request could cause modhttp2 in Apache HTTP Server 2.4.24, 2.4.25 to dereference a NULL pointer and crash the server process...

ALPINE-CVE-2017-7659

A maliciously constructed HTTP/2 request could cause modhttp2 in Apache HTTP Server 2.4.24, 2.4.25 to dereference a NULL pointer and crash the server process...

Apache HTTP Server 'mod_http2' Denial-Of-Service Vulnerability - Linux

Apache HTTP Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Apache HTTP Server 'mod_http2' Denial-Of-Service Vulnerability - Windows

Apache HTTP Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...