Synopsis: Moderate: httpd security, bug fix, and enhancement update
Advisory ID: SLSA-2020:1121-1
Issue Date: 2020-04-07
CVE Numbers: CVE-2018-17199
CVE-2018-1301
CVE-2017-15710
—
* httpd: mod_session_cookie does not respect expiry time
* httpd: Out of bounds write in mod_authnz_ldap when using too small
Accept-Language values
* httpd: Out of bounds access after failure in reading the HTTP request
—
SL7
x86_64
httpd-2.4.6-93.el7.x86_64.rpm
httpd-manual-2.4.6-93.el7.noarch.rpm
httpd-devel-2.4.6-93.el7.x86_64.rpm
mod_ssl-2.4.6-93.el7.x86_64.rpm
httpd-tools-2.4.6-93.el7.x86_64.rpm
mod_session-2.4.6-93.el7.x86_64.rpm
httpd-debuginfo-2.4.6-93.el7.x86_64.rpm
mod_ldap-2.4.6-93.el7.x86_64.rpm
mod_proxy_html-2.4.6-93.el7.x86_64.rpm
noarch
httpd-manual-2.4.6-93.el7.noarch.rpm
– Scientific Linux Development Team
