httpd:2.4 security fix update

エラータID: AXSA:2024-8505:01

リリース日: 
2024/07/03 Wednesday - 18:46
題名: 
httpd:2.4 security fix update
影響のあるチャネル: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

以下項目について対処しました。

[Security Fix]
- Apache HTTP Server には、入力されたヘッダーの検証処理
に問題があるため、リモートの攻撃者により、バックエンド
サーバーからの細工された Content Type、Content Encoding、
およびその他のヘッダーの入力を介して、不正な HTTP
レスポンスの分割を可能とする脆弱性が存在します。
(CVE-2023-38709)

Modularity name: httpd
Stream name: 2.4

解決策: 

パッケージをアップデートしてください。

CVE: 
CVE-2023-38709
Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. httpd-2.4.37-65.module+el8+1784+21b8bc8d.ML.1.src.rpm
    MD5: 749000821f07514e2cce2ea99bcd1da6
    SHA-256: 7127ece9d820df1791e5aebc484ca127fcd46c5ca9803061f3ccd099c6a0dafd
    Size: 6.96 MB
  2. mod_http2-1.15.7-10.module+el8+1784+21b8bc8d.src.rpm
    MD5: 4300a6b51ae5c34cb625b21345947bc3
    SHA-256: 0097715478237ea5c16ea2fa29c9eee87c81ac6630ec97860fd8bb6294222c83
    Size: 1.02 MB
  3. mod_md-2.0.8-8.module+el8+1784+21b8bc8d.src.rpm
    MD5: 74ab168deac476a11f3edef611175005
    SHA-256: d312d4fd8efa45aed31196265e46bd87a2896ca4e758a3790c742d878cad02a3
    Size: 635.32 kB

Asianux Server 8 for x86_64
  1. httpd-2.4.37-65.module+el8+1784+21b8bc8d.ML.1.x86_64.rpm
    MD5: 02ba6ee1c4df6fc878ab79ee4fd44016
    SHA-256: cf9c03abcccbf1532907b340dd4645becf86541b01e28c3a86ab971263351c7c
    Size: 1.41 MB
  2. httpd-debugsource-2.4.37-65.module+el8+1784+21b8bc8d.ML.1.x86_64.rpm
    MD5: 26f062ed105d7a20d79d0a86dec8375f
    SHA-256: 6712a6e2ff2366b1c3fb517eb7dfca08dcee45abd791be5e72c52a9cc648f6da
    Size: 1.45 MB
  3. httpd-devel-2.4.37-65.module+el8+1784+21b8bc8d.ML.1.x86_64.rpm
    MD5: fd1e335f9e4cfd7a50933230cb6cc9ac
    SHA-256: 1d7e1878bc8a67736aa864d69fe7fbdfb5533306cde02d0dc7a1d40e939545fd
    Size: 226.92 kB
  4. httpd-filesystem-2.4.37-65.module+el8+1784+21b8bc8d.ML.1.noarch.rpm
    MD5: fa05bd2617c706153a3e87638ad5cc81
    SHA-256: 8b83531f3aa0c24ef9529effe9246c3e33df175651761b591de12e44bc0bca31
    Size: 43.42 kB
  5. httpd-manual-2.4.37-65.module+el8+1784+21b8bc8d.ML.1.noarch.rpm
    MD5: 21f6e5a68484779dca686a4d260a6f18
    SHA-256: 81beef84ee28cad4f79fb3dbbed61e0b0ca530882b6ddedb89b6a773f2690afc
    Size: 2.38 MB
  6. httpd-tools-2.4.37-65.module+el8+1784+21b8bc8d.ML.1.x86_64.rpm
    MD5: 92a79943e06e768035ce42cc02f0160a
    SHA-256: e119ba4a2a8238c1c3f8fc440d8a11f088fa47c8403d59eedb9c86f3659baad3
    Size: 110.57 kB
  7. mod_http2-1.15.7-10.module+el8+1784+21b8bc8d.x86_64.rpm
    MD5: a51a7b62264c0c946903365c3fe6543e
    SHA-256: 9b0c658bc58306cdaa8c8e5fc32441dab2f2d8529e3f33a0fb0a8c530080bd90
    Size: 154.60 kB
  8. mod_http2-debugsource-1.15.7-10.module+el8+1784+21b8bc8d.x86_64.rpm
    MD5: 71096302a429a968b2ca5fa313945d3b
    SHA-256: 281ed8521c90b2b64f51faee765ba91c6307f157d79683b9c90d95777397b228
    Size: 148.12 kB
  9. mod_ldap-2.4.37-65.module+el8+1784+21b8bc8d.ML.1.x86_64.rpm
    MD5: d91c1ecbcbf4d6cadb21f7531e82ed46
    SHA-256: 7b4a8ebc88de9e32fc14a83835f8aad459a4c209589ed1d2ffe851a8c16bcbd2
    Size: 88.73 kB
  10. mod_md-2.0.8-8.module+el8+1784+21b8bc8d.x86_64.rpm
    MD5: 5b2c25cbab01b26be5159cf1c9684927
    SHA-256: c38cd753e6210ca2f58a02046ff30eb1c2041c0e53160d7a22bc9c319b4fa1c6
    Size: 183.60 kB
  11. mod_md-debugsource-2.0.8-8.module+el8+1784+21b8bc8d.x86_64.rpm
    MD5: 4ea1c2cc945cb2b2412dfc6e2269cbab
    SHA-256: b955dbbffc8e32dc1884ceacd04613b0307d95df67f65063cd9d756782c844fa
    Size: 126.24 kB
  12. mod_proxy_html-2.4.37-65.module+el8+1784+21b8bc8d.ML.1.x86_64.rpm
    MD5: 0da099a2d544a4128859f9b7e89ee926
    SHA-256: d646774971e712895197ebcf863d560c002cfb4da7b5228d2780f981b2b7eb14
    Size: 65.87 kB
  13. mod_session-2.4.37-65.module+el8+1784+21b8bc8d.ML.1.x86_64.rpm
    MD5: 7070fa282d52293086e627dc0592d678
    SHA-256: 8c72c313a5b252e2d5639b1db97f7f37326fd7a3f499393b8260c53e5fe29251
    Size: 77.51 kB
  14. mod_ssl-2.4.37-65.module+el8+1784+21b8bc8d.ML.1.x86_64.rpm
    MD5: e1ce51a43967fd6e83c562e80d4382ac
    SHA-256: 072cbc317fea2d3bf6065da2351874a08111ae1341bf7e3a27c035d3c89fa1c0
    Size: 140.12 kB