Oval Definition:	oval:com.redhat.rhsa:def:20220143
Revision Date: 2022-01-17 Version: 636 Title: RHSA-2022:0143: httpd security update (Important) Description: The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix(es): httpd: mod_lua: Possible buffer overflow when parsing multipart content (CVE-2021-44790) httpd: mod_session: Heap overflow via a crafted SessionHeader value (CVE-2021-26691) httpd: NULL pointer dereference via malformed requests (CVE-2021-34798) httpd: Out-of-bounds write in ap_escape_quotes() via malicious input (CVE-2021-39275) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Family: unix Class: patch Status: Reference(s): CVE-2021-26691 CVE-2021-34798 CVE-2021-39275 CVE-2021-44790 RHSA-2022:0143 Platform(s): Red Hat Enterprise Linux 7 Product(s): Definition Synopsis Red Hat Enterprise Linux must be installed OR Package Information Red Hat Enterprise Linux 7 is installed AND httpd is earlier than 0:2.4.6-97.el7_9.4 AND httpd is signed with Red Hat redhatrelease2 key httpd-devel is earlier than 0:2.4.6-97.el7_9.4 AND httpd-devel is signed with Red Hat redhatrelease2 key httpd-manual is earlier than 0:2.4.6-97.el7_9.4 AND httpd-manual is signed with Red Hat redhatrelease2 key httpd-tools is earlier than 0:2.4.6-97.el7_9.4 AND httpd-tools is signed with Red Hat redhatrelease2 key mod_ldap is earlier than 0:2.4.6-97.el7_9.4 AND mod_ldap is signed with Red Hat redhatrelease2 key mod_proxy_html is earlier than 1:2.4.6-97.el7_9.4 AND mod_proxy_html is signed with Red Hat redhatrelease2 key mod_session is earlier than 0:2.4.6-97.el7_9.4 AND mod_session is signed with Red Hat redhatrelease2 key mod_ssl is earlier than 1:2.4.6-97.el7_9.4 AND mod_ssl is signed with Red Hat redhatrelease2 key
BACK