Bug Fix Advisory httpd bug fix update

Advisory: RHBA-2009:0388-6
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2009-03-20
Last updated on: 2009-03-20
Affected Products: Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.7.z)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.7.z)
Red Hat Enterprise Linux WS (v. 4)
OVAL: N/A

Details

Updated httpd packages that fix a bug are now available for Red Hat
Enterprise Linux 4.

The Apache HTTP Server is a popular Web server.

This update addresses the following bug:

* the "mod_ssl" module placed a hard-coded 128K limit on the amount of
request body data which would be buffered if an SSL renegotiation was
required in a Location or Directory context. This could occur if a POST
request was made to a Directory or Location which required client
certificate authentication. The limit on the amount of data to buffer is
now configurable using the "SSLRenegBufferSize" directive.

Apache users should upgrade to these updated packages, which resolve this
issue.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Desktop (v. 4)
SRPMS:
httpd-2.0.52-41.ent.4.src.rpm
File outdated by:  RHSA-2009:1580		     d4b2a76408820d6bc7bbe6c2ee917d15
 
IA-32:
httpd-2.0.52-41.ent.4.i386.rpm
File outdated by:  RHSA-2009:1580		     3bb310014d0af20a3c28c3d991993b4b
httpd-devel-2.0.52-41.ent.4.i386.rpm
File outdated by:  RHSA-2009:1580		     a7c34b762699391f45e6b660f2c27084
httpd-manual-2.0.52-41.ent.4.i386.rpm
File outdated by:  RHSA-2009:1580		     457f58078b4fd0acb258e4b01ec71504
httpd-suexec-2.0.52-41.ent.4.i386.rpm
File outdated by:  RHSA-2009:1580		     cdcde0c2bae9e29de7cb8230e00b3306
mod_ssl-2.0.52-41.ent.4.i386.rpm
File outdated by:  RHSA-2009:1580		     913c54c604bb1a3b3ef35c2136d0ccaa
 
x86_64:
httpd-2.0.52-41.ent.4.x86_64.rpm
File outdated by:  RHSA-2009:1580		     331468cc303750ec537ae83d09e63540
httpd-devel-2.0.52-41.ent.4.x86_64.rpm
File outdated by:  RHSA-2009:1580		     fc911b37e33fb06601bf406ef2910c26
httpd-manual-2.0.52-41.ent.4.x86_64.rpm
File outdated by:  RHSA-2009:1580		     4968770fd4e72cdb3b62ab3f4f24b430
httpd-suexec-2.0.52-41.ent.4.x86_64.rpm
File outdated by:  RHSA-2009:1580		     fb0c2fd35e5d0dc1b12883381034e7eb
mod_ssl-2.0.52-41.ent.4.x86_64.rpm
File outdated by:  RHSA-2009:1580		     253b8569986bc7ca1b452d09719975fb
 
Red Hat Enterprise Linux AS (v. 4)
SRPMS:
httpd-2.0.52-41.ent.4.src.rpm
File outdated by:  RHSA-2009:1580		     d4b2a76408820d6bc7bbe6c2ee917d15
 
IA-32:
httpd-2.0.52-41.ent.4.i386.rpm
File outdated by:  RHSA-2009:1580		     3bb310014d0af20a3c28c3d991993b4b
httpd-devel-2.0.52-41.ent.4.i386.rpm
File outdated by:  RHSA-2009:1580		     a7c34b762699391f45e6b660f2c27084
httpd-manual-2.0.52-41.ent.4.i386.rpm
File outdated by:  RHSA-2009:1580		     457f58078b4fd0acb258e4b01ec71504
httpd-suexec-2.0.52-41.ent.4.i386.rpm
File outdated by:  RHSA-2009:1580		     cdcde0c2bae9e29de7cb8230e00b3306
mod_ssl-2.0.52-41.ent.4.i386.rpm
File outdated by:  RHSA-2009:1580		     913c54c604bb1a3b3ef35c2136d0ccaa
 
IA-64:
httpd-2.0.52-41.ent.4.ia64.rpm
File outdated by:  RHSA-2009:1580		     af777519a2acc84f0aa2303f1d555010
httpd-devel-2.0.52-41.ent.4.ia64.rpm
File outdated by:  RHSA-2009:1580		     b9f4a2c3f774d8a0fbdecc17f7f2dac7
httpd-manual-2.0.52-41.ent.4.ia64.rpm
File outdated by:  RHSA-2009:1580		     994e08418b04942a3b5ff304eef702f7
httpd-suexec-2.0.52-41.ent.4.ia64.rpm
File outdated by:  RHSA-2009:1580		     6c5c6ed0f72bdb846d1999fd4c05f79f
mod_ssl-2.0.52-41.ent.4.ia64.rpm
File outdated by:  RHSA-2009:1580		     85667411537ff9e1a17c775d04675419
 
PPC:
httpd-2.0.52-41.ent.4.ppc.rpm
File outdated by:  RHSA-2009:1580		     d095050d9168772ef99e47eb60ed7b35
httpd-devel-2.0.52-41.ent.4.ppc.rpm
File outdated by:  RHSA-2009:1580		     a6600b495bb07f253a42bc72ef645bc5
httpd-manual-2.0.52-41.ent.4.ppc.rpm
File outdated by:  RHSA-2009:1580		     a5ee8617970025cfd5135722a2d1412b
httpd-suexec-2.0.52-41.ent.4.ppc.rpm
File outdated by:  RHSA-2009:1580		     0eb5ff46b16832902cfe1bbf3dff8797
mod_ssl-2.0.52-41.ent.4.ppc.rpm
File outdated by:  RHSA-2009:1580		     0975030eeae24836cddb3e3a1f07614c
 
s390:
httpd-2.0.52-41.ent.4.s390.rpm
File outdated by:  RHSA-2009:1580		     ffab07376272182c4bc343579699c64b
httpd-devel-2.0.52-41.ent.4.s390.rpm
File outdated by:  RHSA-2009:1580		     4dfb9cc7882ba82cefc56785c587feca
httpd-manual-2.0.52-41.ent.4.s390.rpm
File outdated by:  RHSA-2009:1580		     2ebb63cb22e93c5385c77e63afa18dce
httpd-suexec-2.0.52-41.ent.4.s390.rpm
File outdated by:  RHSA-2009:1580		     cc4e12fc14edc7371ed976b9fcf2825b
mod_ssl-2.0.52-41.ent.4.s390.rpm
File outdated by:  RHSA-2009:1580		     21626833caa06f8a54de1c389c13eaa9
 
s390x:
httpd-2.0.52-41.ent.4.s390x.rpm
File outdated by:  RHSA-2009:1580		     b2e90b7d7b93798ee51d3f79e009479a
httpd-devel-2.0.52-41.ent.4.s390x.rpm
File outdated by:  RHSA-2009:1580		     6ef8b5e26ef9686afff12ea283a8685a
httpd-manual-2.0.52-41.ent.4.s390x.rpm
File outdated by:  RHSA-2009:1580		     8657be833ffbc2f62c264c02749d0393
httpd-suexec-2.0.52-41.ent.4.s390x.rpm
File outdated by:  RHSA-2009:1580		     1188691df46781b3d746e1670fe140c3
mod_ssl-2.0.52-41.ent.4.s390x.rpm
File outdated by:  RHSA-2009:1580		     5fde5c66dce3d659676cb52906c25476
 
x86_64:
httpd-2.0.52-41.ent.4.x86_64.rpm
File outdated by:  RHSA-2009:1580		     331468cc303750ec537ae83d09e63540
httpd-devel-2.0.52-41.ent.4.x86_64.rpm
File outdated by:  RHSA-2009:1580		     fc911b37e33fb06601bf406ef2910c26
httpd-manual-2.0.52-41.ent.4.x86_64.rpm
File outdated by:  RHSA-2009:1580		     4968770fd4e72cdb3b62ab3f4f24b430
httpd-suexec-2.0.52-41.ent.4.x86_64.rpm
File outdated by:  RHSA-2009:1580		     fb0c2fd35e5d0dc1b12883381034e7eb
mod_ssl-2.0.52-41.ent.4.x86_64.rpm
File outdated by:  RHSA-2009:1580		     253b8569986bc7ca1b452d09719975fb
 
Red Hat Enterprise Linux AS (v. 4.7.z)
SRPMS:
httpd-2.0.52-41.ent.4.src.rpm
File outdated by:  RHSA-2009:1580		     d4b2a76408820d6bc7bbe6c2ee917d15
 
IA-32:
httpd-2.0.52-41.ent.4.i386.rpm     3bb310014d0af20a3c28c3d991993b4b
httpd-devel-2.0.52-41.ent.4.i386.rpm     a7c34b762699391f45e6b660f2c27084
httpd-manual-2.0.52-41.ent.4.i386.rpm     457f58078b4fd0acb258e4b01ec71504
httpd-suexec-2.0.52-41.ent.4.i386.rpm     cdcde0c2bae9e29de7cb8230e00b3306
mod_ssl-2.0.52-41.ent.4.i386.rpm     913c54c604bb1a3b3ef35c2136d0ccaa
 
IA-64:
httpd-2.0.52-41.ent.4.ia64.rpm     af777519a2acc84f0aa2303f1d555010
httpd-devel-2.0.52-41.ent.4.ia64.rpm     b9f4a2c3f774d8a0fbdecc17f7f2dac7
httpd-manual-2.0.52-41.ent.4.ia64.rpm     994e08418b04942a3b5ff304eef702f7
httpd-suexec-2.0.52-41.ent.4.ia64.rpm     6c5c6ed0f72bdb846d1999fd4c05f79f
mod_ssl-2.0.52-41.ent.4.ia64.rpm     85667411537ff9e1a17c775d04675419
 
PPC:
httpd-2.0.52-41.ent.4.ppc.rpm     d095050d9168772ef99e47eb60ed7b35
httpd-devel-2.0.52-41.ent.4.ppc.rpm     a6600b495bb07f253a42bc72ef645bc5
httpd-manual-2.0.52-41.ent.4.ppc.rpm     a5ee8617970025cfd5135722a2d1412b
httpd-suexec-2.0.52-41.ent.4.ppc.rpm     0eb5ff46b16832902cfe1bbf3dff8797
mod_ssl-2.0.52-41.ent.4.ppc.rpm     0975030eeae24836cddb3e3a1f07614c
 
s390:
httpd-2.0.52-41.ent.4.s390.rpm     ffab07376272182c4bc343579699c64b
httpd-devel-2.0.52-41.ent.4.s390.rpm     4dfb9cc7882ba82cefc56785c587feca
httpd-manual-2.0.52-41.ent.4.s390.rpm     2ebb63cb22e93c5385c77e63afa18dce
httpd-suexec-2.0.52-41.ent.4.s390.rpm     cc4e12fc14edc7371ed976b9fcf2825b
mod_ssl-2.0.52-41.ent.4.s390.rpm     21626833caa06f8a54de1c389c13eaa9
 
s390x:
httpd-2.0.52-41.ent.4.s390x.rpm     b2e90b7d7b93798ee51d3f79e009479a
httpd-devel-2.0.52-41.ent.4.s390x.rpm     6ef8b5e26ef9686afff12ea283a8685a
httpd-manual-2.0.52-41.ent.4.s390x.rpm     8657be833ffbc2f62c264c02749d0393
httpd-suexec-2.0.52-41.ent.4.s390x.rpm     1188691df46781b3d746e1670fe140c3
mod_ssl-2.0.52-41.ent.4.s390x.rpm     5fde5c66dce3d659676cb52906c25476
 
x86_64:
httpd-2.0.52-41.ent.4.x86_64.rpm     331468cc303750ec537ae83d09e63540
httpd-devel-2.0.52-41.ent.4.x86_64.rpm     fc911b37e33fb06601bf406ef2910c26
httpd-manual-2.0.52-41.ent.4.x86_64.rpm     4968770fd4e72cdb3b62ab3f4f24b430
httpd-suexec-2.0.52-41.ent.4.x86_64.rpm     fb0c2fd35e5d0dc1b12883381034e7eb
mod_ssl-2.0.52-41.ent.4.x86_64.rpm     253b8569986bc7ca1b452d09719975fb
 
Red Hat Enterprise Linux ES (v. 4)
SRPMS:
httpd-2.0.52-41.ent.4.src.rpm
File outdated by:  RHSA-2009:1580		     d4b2a76408820d6bc7bbe6c2ee917d15
 
IA-32:
httpd-2.0.52-41.ent.4.i386.rpm
File outdated by:  RHSA-2009:1580		     3bb310014d0af20a3c28c3d991993b4b
httpd-devel-2.0.52-41.ent.4.i386.rpm
File outdated by:  RHSA-2009:1580		     a7c34b762699391f45e6b660f2c27084
httpd-manual-2.0.52-41.ent.4.i386.rpm
File outdated by:  RHSA-2009:1580		     457f58078b4fd0acb258e4b01ec71504
httpd-suexec-2.0.52-41.ent.4.i386.rpm
File outdated by:  RHSA-2009:1580		     cdcde0c2bae9e29de7cb8230e00b3306
mod_ssl-2.0.52-41.ent.4.i386.rpm
File outdated by:  RHSA-2009:1580		     913c54c604bb1a3b3ef35c2136d0ccaa
 
IA-64:
httpd-2.0.52-41.ent.4.ia64.rpm
File outdated by:  RHSA-2009:1580		     af777519a2acc84f0aa2303f1d555010
httpd-devel-2.0.52-41.ent.4.ia64.rpm
File outdated by:  RHSA-2009:1580		     b9f4a2c3f774d8a0fbdecc17f7f2dac7
httpd-manual-2.0.52-41.ent.4.ia64.rpm
File outdated by:  RHSA-2009:1580		     994e08418b04942a3b5ff304eef702f7
httpd-suexec-2.0.52-41.ent.4.ia64.rpm
File outdated by:  RHSA-2009:1580		     6c5c6ed0f72bdb846d1999fd4c05f79f
mod_ssl-2.0.52-41.ent.4.ia64.rpm
File outdated by:  RHSA-2009:1580		     85667411537ff9e1a17c775d04675419
 
x86_64:
httpd-2.0.52-41.ent.4.x86_64.rpm
File outdated by:  RHSA-2009:1580		     331468cc303750ec537ae83d09e63540
httpd-devel-2.0.52-41.ent.4.x86_64.rpm
File outdated by:  RHSA-2009:1580		     fc911b37e33fb06601bf406ef2910c26
httpd-manual-2.0.52-41.ent.4.x86_64.rpm
File outdated by:  RHSA-2009:1580		     4968770fd4e72cdb3b62ab3f4f24b430
httpd-suexec-2.0.52-41.ent.4.x86_64.rpm
File outdated by:  RHSA-2009:1580		     fb0c2fd35e5d0dc1b12883381034e7eb
mod_ssl-2.0.52-41.ent.4.x86_64.rpm
File outdated by:  RHSA-2009:1580		     253b8569986bc7ca1b452d09719975fb
 
Red Hat Enterprise Linux ES (v. 4.7.z)
SRPMS:
httpd-2.0.52-41.ent.4.src.rpm
File outdated by:  RHSA-2009:1580		     d4b2a76408820d6bc7bbe6c2ee917d15
 
IA-32:
httpd-2.0.52-41.ent.4.i386.rpm     3bb310014d0af20a3c28c3d991993b4b
httpd-devel-2.0.52-41.ent.4.i386.rpm     a7c34b762699391f45e6b660f2c27084
httpd-manual-2.0.52-41.ent.4.i386.rpm     457f58078b4fd0acb258e4b01ec71504
httpd-suexec-2.0.52-41.ent.4.i386.rpm     cdcde0c2bae9e29de7cb8230e00b3306
mod_ssl-2.0.52-41.ent.4.i386.rpm     913c54c604bb1a3b3ef35c2136d0ccaa
 
IA-64:
httpd-2.0.52-41.ent.4.ia64.rpm     af777519a2acc84f0aa2303f1d555010
httpd-devel-2.0.52-41.ent.4.ia64.rpm     b9f4a2c3f774d8a0fbdecc17f7f2dac7
httpd-manual-2.0.52-41.ent.4.ia64.rpm     994e08418b04942a3b5ff304eef702f7
httpd-suexec-2.0.52-41.ent.4.ia64.rpm     6c5c6ed0f72bdb846d1999fd4c05f79f
mod_ssl-2.0.52-41.ent.4.ia64.rpm     85667411537ff9e1a17c775d04675419
 
x86_64:
httpd-2.0.52-41.ent.4.x86_64.rpm     331468cc303750ec537ae83d09e63540
httpd-devel-2.0.52-41.ent.4.x86_64.rpm     fc911b37e33fb06601bf406ef2910c26
httpd-manual-2.0.52-41.ent.4.x86_64.rpm     4968770fd4e72cdb3b62ab3f4f24b430
httpd-suexec-2.0.52-41.ent.4.x86_64.rpm     fb0c2fd35e5d0dc1b12883381034e7eb
mod_ssl-2.0.52-41.ent.4.x86_64.rpm     253b8569986bc7ca1b452d09719975fb
 
Red Hat Enterprise Linux WS (v. 4)
SRPMS:
httpd-2.0.52-41.ent.4.src.rpm
File outdated by:  RHSA-2009:1580		     d4b2a76408820d6bc7bbe6c2ee917d15
 
IA-32:
httpd-2.0.52-41.ent.4.i386.rpm
File outdated by:  RHSA-2009:1580		     3bb310014d0af20a3c28c3d991993b4b
httpd-devel-2.0.52-41.ent.4.i386.rpm
File outdated by:  RHSA-2009:1580		     a7c34b762699391f45e6b660f2c27084
httpd-manual-2.0.52-41.ent.4.i386.rpm
File outdated by:  RHSA-2009:1580		     457f58078b4fd0acb258e4b01ec71504
httpd-suexec-2.0.52-41.ent.4.i386.rpm
File outdated by:  RHSA-2009:1580		     cdcde0c2bae9e29de7cb8230e00b3306
mod_ssl-2.0.52-41.ent.4.i386.rpm
File outdated by:  RHSA-2009:1580		     913c54c604bb1a3b3ef35c2136d0ccaa
 
IA-64:
httpd-2.0.52-41.ent.4.ia64.rpm
File outdated by:  RHSA-2009:1580		     af777519a2acc84f0aa2303f1d555010
httpd-devel-2.0.52-41.ent.4.ia64.rpm
File outdated by:  RHSA-2009:1580		     b9f4a2c3f774d8a0fbdecc17f7f2dac7
httpd-manual-2.0.52-41.ent.4.ia64.rpm
File outdated by:  RHSA-2009:1580		     994e08418b04942a3b5ff304eef702f7
httpd-suexec-2.0.52-41.ent.4.ia64.rpm
File outdated by:  RHSA-2009:1580		     6c5c6ed0f72bdb846d1999fd4c05f79f
mod_ssl-2.0.52-41.ent.4.ia64.rpm
File outdated by:  RHSA-2009:1580		     85667411537ff9e1a17c775d04675419
 
x86_64:
httpd-2.0.52-41.ent.4.x86_64.rpm
File outdated by:  RHSA-2009:1580		     331468cc303750ec537ae83d09e63540
httpd-devel-2.0.52-41.ent.4.x86_64.rpm
File outdated by:  RHSA-2009:1580		     fc911b37e33fb06601bf406ef2910c26
httpd-manual-2.0.52-41.ent.4.x86_64.rpm
File outdated by:  RHSA-2009:1580		     4968770fd4e72cdb3b62ab3f4f24b430
httpd-suexec-2.0.52-41.ent.4.x86_64.rpm
File outdated by:  RHSA-2009:1580		     fb0c2fd35e5d0dc1b12883381034e7eb
mod_ssl-2.0.52-41.ent.4.x86_64.rpm
File outdated by:  RHSA-2009:1580		     253b8569986bc7ca1b452d09719975fb
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

484073 - Can't do POST larger than 128K to ssl sites


These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/