Описание
ELSA-2024-1786: httpd:2.4/mod_http2 security update (IMPORTANT)
httpd mod_http2 [1.15.7-8.5]
- Resolves: RHEL-29816 - httpd:2.4/mod_http2: httpd: CONTINUATION frames DoS (CVE-2024-27316)
mod_md
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module httpd:2.4 is enabled
httpd
2.4.37-62.0.1.module+el8.9.0+90011+2f9c6a23
httpd-devel
2.4.37-62.0.1.module+el8.9.0+90011+2f9c6a23
httpd-filesystem
2.4.37-62.0.1.module+el8.9.0+90011+2f9c6a23
httpd-manual
2.4.37-62.0.1.module+el8.9.0+90011+2f9c6a23
httpd-tools
2.4.37-62.0.1.module+el8.9.0+90011+2f9c6a23
mod_http2
1.15.7-8.module+el8.9.0+90299+1db10a42.5
mod_ldap
2.4.37-62.0.1.module+el8.9.0+90011+2f9c6a23
mod_md
2.0.8-8.module+el8.9.0+90011+2f9c6a23
mod_proxy_html
2.4.37-62.0.1.module+el8.9.0+90011+2f9c6a23
mod_session
2.4.37-62.0.1.module+el8.9.0+90011+2f9c6a23
mod_ssl
2.4.37-62.0.1.module+el8.9.0+90011+2f9c6a23
Oracle Linux x86_64
Module httpd:2.4 is enabled
httpd
2.4.37-62.0.1.module+el8.9.0+90011+2f9c6a23
httpd-devel
2.4.37-62.0.1.module+el8.9.0+90011+2f9c6a23
httpd-filesystem
2.4.37-62.0.1.module+el8.9.0+90011+2f9c6a23
httpd-manual
2.4.37-62.0.1.module+el8.9.0+90011+2f9c6a23
httpd-tools
2.4.37-62.0.1.module+el8.9.0+90011+2f9c6a23
mod_http2
1.15.7-8.module+el8.9.0+90299+1db10a42.5
mod_ldap
2.4.37-62.0.1.module+el8.9.0+90011+2f9c6a23
mod_md
2.0.8-8.module+el8.9.0+90011+2f9c6a23
mod_proxy_html
2.4.37-62.0.1.module+el8.9.0+90011+2f9c6a23
mod_session
2.4.37-62.0.1.module+el8.9.0+90011+2f9c6a23
mod_ssl
2.4.37-62.0.1.module+el8.9.0+90011+2f9c6a23
Связанные CVE
Связанные уязвимости
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.
HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion.
HTTP/2 incoming headers exceeding the limit are temporarily buffered i ...