Oval Definition:	oval:com.redhat.rhsa:def:20201121
Revision Date: 2020-03-31 Version: 636 Title: RHSA-2020:1121: httpd security, bug fix, and enhancement update (Moderate) Description: The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): httpd: mod_session_cookie does not respect expiry time (CVE-2018-17199) httpd: Out of bounds write in mod_authnz_ldap when using too small Accept-Language values (CVE-2017-15710) httpd: Out of bounds access after failure in reading the HTTP request (CVE-2018-1301) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.8 Release Notes linked from the References section. Family: unix Class: patch Status: Reference(s): CVE-2017-15710 CVE-2018-1301 CVE-2018-17199 RHSA-2020:1121 Platform(s): Red Hat Enterprise Linux 7 Product(s): Definition Synopsis Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 7 is installed AND httpd is earlier than 0:2.4.6-93.el7 AND httpd is signed with Red Hat redhatrelease2 key httpd-devel is earlier than 0:2.4.6-93.el7 AND httpd-devel is signed with Red Hat redhatrelease2 key httpd-manual is earlier than 0:2.4.6-93.el7 AND httpd-manual is signed with Red Hat redhatrelease2 key httpd-tools is earlier than 0:2.4.6-93.el7 AND httpd-tools is signed with Red Hat redhatrelease2 key mod_ldap is earlier than 0:2.4.6-93.el7 AND mod_ldap is signed with Red Hat redhatrelease2 key mod_proxy_html is earlier than 1:2.4.6-93.el7 AND mod_proxy_html is signed with Red Hat redhatrelease2 key mod_session is earlier than 0:2.4.6-93.el7 AND mod_session is signed with Red Hat redhatrelease2 key mod_ssl is earlier than 1:2.4.6-93.el7 AND mod_ssl is signed with Red Hat redhatrelease2 key
BACK