mod_md-2.4.26-1.el9_7.1
エラータID: AXSA:2025-11605:01
This module manages common properties of domains for one or more virtual hosts. Specifically it can use the ACME protocol to automate certificate provisioning. Certificates will be configured for managed domains and their virtual hosts automatically, including at renewal.
Security Fix(es):
* mod_md: Apache HTTP Server: mod_md (ACME), unintended retry intervals (CVE-2025-55753)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2025-55753
An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures (~30 days in default configurations), to the backoff timer becoming 0. Attempts to renew the certificate then are repeated without delays until it succeeds. This issue affects Apache HTTP Server: from 2.4.30 before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue.
Update packages.
An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures (~30 days in default configurations), to the backoff timer becoming 0. Attempts to renew the certificate then are repeated without delays until it succeeds. This issue affects Apache HTTP Server: from 2.4.30 before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue.
N/A
SRPMS
- mod_md-2.4.26-1.el9_7.1.src.rpm
MD5: d8595e50f246383675e626f9ae00c18c
SHA-256: ae7040be92230d54c1d9f13ed456feb27ecc79b0aefa2d95eba536f88bdebc1c
Size: 851.69 kB
Asianux Server 9 for x86_64
- mod_md-2.4.26-1.el9_7.1.x86_64.rpm
MD5: a9ae1e0992d43080274b75343e3ac135
SHA-256: de7043c1684e13bd33ad6aeb84ee79d8c66e0ce21b0564e74ff13b396d51625b
Size: 255.15 kB