Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: httpd and mod_http2 security update

An update for httpd and modhttp2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

ALSA-2023:1670 Important: httpd and mod_http2 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: HTTP request splitting with modrewrite and modproxy CVE-2023-25690 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

httpd and mod_http2 security update

httpd 2.4.53-7.0.1.5 - Replace index.html with Oracle's index page oracleindex.html. 2.4.53-7.5 - Resolves: 2177751 - CVE-2023-25690 httpd: HTTP request splitting with modrewrite and modproxy modhttp2 1.15.19-3.5 - Resolves: 2177751 - CVE-2023-25690 httpd: HTTP request splitting with modrewrite a...

Important: httpd and mod_http2 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: HTTP request splitting with modrewrite and modproxy CVE-2023-25690 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other...

httpd security update

2.4.6-98.0.3 - modproxy: approxyhttprequest to clear hop-by-hop first and fixup last CVE-2022-31813Orabug: 34381850 - modsession: save one aprstrtok Orabug: 33338149CVE-2021-26690 2.4.6-98.0.1 - replace index.html with Oracle's index page oracleindex.html 2.4.6-97.7 - Resolves: 2177742 -...

Security Bulletin: IBM HTTP Server is vulnerable to HTTP request splitting due to the included Apache HTTP Server (CVE-2023-25690)

Summary IBM HTTP Server used by IBM WebSphere Application Server is vulnerable to HTTP request splitting when using modproxy or the Web Server Plug-in due to the included Apache HTTP Server. This has been addressed in the remediation section. Vulnerability Details CVEID:CVE-2023-25690 DESCRIPTION...

Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: Red Hat Security Advisory: httpd security update

An update for httpd is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Important: Red Hat Security Advisory: httpd:2.4 security update

An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

RHEL 8 : httpd:2.4 (RHSA-2023:1547)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1547 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: HTTP request splitting wi...

SUSE: Security Advisory (SUSE-SU-2023:1573-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2023:1573-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2023-27522: Fixed HTTP response splitting in modproxyuwsgi bsc1209049. - CVE-2023-25690: Fixed HTTP request splitting with modrewrite and modproxy bsc1209047. The following non-security bugs were fixed: - Fixed modproxy handling of very lo...

SUSE SLES12 Security Update : apache2 (SUSE-SU-2023:0803-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0803-1 advisory. - Some modproxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are...

SUSE-SU-2023:0803-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2023-25690: Fixed HTTP request splitting with modrewrite and modproxy bsc1209047. The following non-security bugs were fixed: - Fixed passing health check does not recover worker from its error state bsc1208708...

SUSE-SU-2023:0799-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2023-27522: Fixed HTTP response splitting in modproxyuwsgi bsc1209049. - CVE-2023-25690: Fixed HTTP request splitting with modrewrite and modproxy bsc1209047. The following non-security bugs were fixed: - Fixed passing health check does no...

CLSA-2023-1679000716 httpd: Fix of 2 CVEs

CVE-2023-25690: HTTP request splitting with modrewrite and modproxy - CVE-2023-27522: modproxyuwsgi: HTTP response splitting...

CLSA-2023-1679000442 httpd: Fix of 2 CVEs

CVE-2023-25690: HTTP request splitting with modrewrite and modproxy - CVE-2023-27522: modproxyuwsgi: HTTP response splitting...

SUSE-SU-2023:0764-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2023-27522: Fixed HTTP response splitting in modproxyuwsgi bsc1209049. - CVE-2023-25690: Fixed HTTP request splitting with modrewrite and modproxy bsc1209047. The following non-security bugs were fixed: - Fixed passing health check does no...

Apache HTTP Server: HTTP request splitting with mod_rewrite and mod_proxy

...