1. Home
  2. Security Advisories
  3. AlmaLinux OS
  4. ALSA-2024:1786

[ALSA-2024:1786] httpd:2.4/mod_http2 security update

Severity Important
Affected Packages 20
CVEs 1
Info Packages References Vulnerabilities

httpd:2.4/mod_http2 security update

The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.

Security Fix(es):

  • httpd: mod_http2: CONTINUATION frames DoS (CVE-2024-27316)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Package Affected Version
pkg:rpm/almalinux/mod_ssl?arch=x86_64&distro=almalinux-8.9 < 2.4.37-62.module_el8.9.0+3646+acd210d0
pkg:rpm/almalinux/mod_ssl?arch=aarch64&distro=almalinux-8.9 < 2.4.37-62.module_el8.9.0+3646+acd210d0
pkg:rpm/almalinux/mod_session?arch=x86_64&distro=almalinux-8.9 < 2.4.37-62.module_el8.9.0+3646+acd210d0
pkg:rpm/almalinux/mod_session?arch=aarch64&distro=almalinux-8.9 < 2.4.37-62.module_el8.9.0+3646+acd210d0
pkg:rpm/almalinux/mod_proxy_html?arch=x86_64&distro=almalinux-8.9 < 2.4.37-62.module_el8.9.0+3646+acd210d0
pkg:rpm/almalinux/mod_proxy_html?arch=aarch64&distro=almalinux-8.9 < 2.4.37-62.module_el8.9.0+3646+acd210d0
pkg:rpm/almalinux/mod_md?arch=x86_64&distro=almalinux-8.6 < 2.0.8-8.module_el8.6.0+2872+fe0ff7aa
pkg:rpm/almalinux/mod_md?arch=aarch64&distro=almalinux-8.6 < 2.0.8-8.module_el8.6.0+2872+fe0ff7aa
pkg:rpm/almalinux/mod_ldap?arch=x86_64&distro=almalinux-8.9 < 2.4.37-62.module_el8.9.0+3646+acd210d0
pkg:rpm/almalinux/mod_ldap?arch=aarch64&distro=almalinux-8.9 < 2.4.37-62.module_el8.9.0+3646+acd210d0
pkg:rpm/almalinux/mod_http2?arch=x86_64&distro=almalinux-8.9 < 1.15.7-8.module_el8.9.0+3809+48080a14.5.alma.1
pkg:rpm/almalinux/mod_http2?arch=aarch64&distro=almalinux-8.9 < 1.15.7-8.module_el8.9.0+3809+48080a14.5.alma.1
pkg:rpm/almalinux/httpd?arch=x86_64&distro=almalinux-8.9 < 2.4.37-62.module_el8.9.0+3646+acd210d0
pkg:rpm/almalinux/httpd?arch=aarch64&distro=almalinux-8.9 < 2.4.37-62.module_el8.9.0+3646+acd210d0
pkg:rpm/almalinux/httpd-tools?arch=x86_64&distro=almalinux-8.9 < 2.4.37-62.module_el8.9.0+3646+acd210d0
pkg:rpm/almalinux/httpd-tools?arch=aarch64&distro=almalinux-8.9 < 2.4.37-62.module_el8.9.0+3646+acd210d0
pkg:rpm/almalinux/httpd-manual?arch=noarch&distro=almalinux-8.9 < 2.4.37-62.module_el8.9.0+3646+acd210d0
pkg:rpm/almalinux/httpd-filesystem?arch=noarch&distro=almalinux-8.9 < 2.4.37-62.module_el8.9.0+3646+acd210d0
pkg:rpm/almalinux/httpd-devel?arch=x86_64&distro=almalinux-8.9 < 2.4.37-62.module_el8.9.0+3646+acd210d0
pkg:rpm/almalinux/httpd-devel?arch=aarch64&distro=almalinux-8.9 < 2.4.37-62.module_el8.9.0+3646+acd210d0
ID
ALSA-2024:1786
Severity
important
URL
https://errata.almalinux.org/ALSA-2024:1786.html
Published
2024-04-11T00:00:00
(5 months ago)
Modified
2024-04-12T13:00:18
(5 months ago)
Rights
Copyright 2024 AlmaLinux OS
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/almalinux/mod_ssl?arch=x86_64&distro=almalinux-8.9 almalinux mod_ssl < 2.4.37-62.module_el8.9.0+3646+acd210d0 almalinux-8.9 x86_64
Affected pkg:rpm/almalinux/mod_ssl?arch=aarch64&distro=almalinux-8.9 almalinux mod_ssl < 2.4.37-62.module_el8.9.0+3646+acd210d0 almalinux-8.9 aarch64
Affected pkg:rpm/almalinux/mod_session?arch=x86_64&distro=almalinux-8.9 almalinux mod_session < 2.4.37-62.module_el8.9.0+3646+acd210d0 almalinux-8.9 x86_64
Affected pkg:rpm/almalinux/mod_session?arch=aarch64&distro=almalinux-8.9 almalinux mod_session < 2.4.37-62.module_el8.9.0+3646+acd210d0 almalinux-8.9 aarch64
Affected pkg:rpm/almalinux/mod_proxy_html?arch=x86_64&distro=almalinux-8.9 almalinux mod_proxy_html < 2.4.37-62.module_el8.9.0+3646+acd210d0 almalinux-8.9 x86_64
Affected pkg:rpm/almalinux/mod_proxy_html?arch=aarch64&distro=almalinux-8.9 almalinux mod_proxy_html < 2.4.37-62.module_el8.9.0+3646+acd210d0 almalinux-8.9 aarch64
Affected pkg:rpm/almalinux/mod_md?arch=x86_64&distro=almalinux-8.6 almalinux mod_md < 2.0.8-8.module_el8.6.0+2872+fe0ff7aa almalinux-8.6 x86_64
Affected pkg:rpm/almalinux/mod_md?arch=aarch64&distro=almalinux-8.6 almalinux mod_md < 2.0.8-8.module_el8.6.0+2872+fe0ff7aa almalinux-8.6 aarch64
Affected pkg:rpm/almalinux/mod_ldap?arch=x86_64&distro=almalinux-8.9 almalinux mod_ldap < 2.4.37-62.module_el8.9.0+3646+acd210d0 almalinux-8.9 x86_64
Affected pkg:rpm/almalinux/mod_ldap?arch=aarch64&distro=almalinux-8.9 almalinux mod_ldap < 2.4.37-62.module_el8.9.0+3646+acd210d0 almalinux-8.9 aarch64
Affected pkg:rpm/almalinux/mod_http2?arch=x86_64&distro=almalinux-8.9 almalinux mod_http2 < 1.15.7-8.module_el8.9.0+3809+48080a14.5.alma.1 almalinux-8.9 x86_64
Affected pkg:rpm/almalinux/mod_http2?arch=aarch64&distro=almalinux-8.9 almalinux mod_http2 < 1.15.7-8.module_el8.9.0+3809+48080a14.5.alma.1 almalinux-8.9 aarch64
Affected pkg:rpm/almalinux/httpd?arch=x86_64&distro=almalinux-8.9 almalinux httpd < 2.4.37-62.module_el8.9.0+3646+acd210d0 almalinux-8.9 x86_64
Affected pkg:rpm/almalinux/httpd?arch=aarch64&distro=almalinux-8.9 almalinux httpd < 2.4.37-62.module_el8.9.0+3646+acd210d0 almalinux-8.9 aarch64
Affected pkg:rpm/almalinux/httpd-tools?arch=x86_64&distro=almalinux-8.9 almalinux httpd-tools < 2.4.37-62.module_el8.9.0+3646+acd210d0 almalinux-8.9 x86_64
Affected pkg:rpm/almalinux/httpd-tools?arch=aarch64&distro=almalinux-8.9 almalinux httpd-tools < 2.4.37-62.module_el8.9.0+3646+acd210d0 almalinux-8.9 aarch64
Affected pkg:rpm/almalinux/httpd-manual?arch=noarch&distro=almalinux-8.9 almalinux httpd-manual < 2.4.37-62.module_el8.9.0+3646+acd210d0 almalinux-8.9 noarch
Affected pkg:rpm/almalinux/httpd-filesystem?arch=noarch&distro=almalinux-8.9 almalinux httpd-filesystem < 2.4.37-62.module_el8.9.0+3646+acd210d0 almalinux-8.9 noarch
Affected pkg:rpm/almalinux/httpd-devel?arch=x86_64&distro=almalinux-8.9 almalinux httpd-devel < 2.4.37-62.module_el8.9.0+3646+acd210d0 almalinux-8.9 x86_64
Affected pkg:rpm/almalinux/httpd-devel?arch=aarch64&distro=almalinux-8.9 almalinux httpd-devel < 2.4.37-62.module_el8.9.0+3646+acd210d0 almalinux-8.9 aarch64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date