Fedora Security Update Fixes httpd Denial of Service and Security Bypass Issues

Title : Fedora Security Update Fixes httpd Denial of Service and Security Bypass Issues
VUPEN ID : VUPEN/ADV-2007-2377
CVE ID : CVE-2006-5752 - CVE-2007-1862 - CVE-2007-1863 - CVE-2007-3304
Rated as : Moderate Risk 
Remotely Exploitable : Yes
Locally Exploitable : Yes
Release Date : 2007-06-29


Technical Description

Multiple vulnerabilities have been identified in Fedora, which could be exploited by attackers to obtain sensitive information, execute arbitrary scripting code, or cause a denial of service. These issues are caused by errors in httpd. For additional information, see : VUPEN/ADV-2007-2231 - VUPEN/ADV-2007-2357

Affected Products

Fedora 7
Fedora Core 6
Fedora Core 5

Solution

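Upgrade the affected httpd packages to the fixed builds, 2.2.4-4.1.fc7 (Fedora 7), 2.2.4-2.1.fc6 (Fedora Core 6) and 2.2.2-1.3 (Fedora Core 5):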


http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/


http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/


References

http://www.vupen.com/english/advisories/2007/2377
https://www.redhat.com/archives/fedora-package-announce/2007-June/msg00553.html
https://www.redhat.com/archives/fedora-package-announce/2007-July/msg00042.html

ChangeLog

2007-06-29 : Initial release
2007-07-03 : Updated Solution
2007-07-12 : Updated Solution

Copyright 2003-2009 © VUPEN.COM - Privacy Policy