Skip to navigation

Security Advisory Moderate: httpd security update

Advisory: RHSA-2012:0128-1
Type: Security Advisory
Severity: Moderate
Issued on: 2012-02-13
Last updated on: 2012-02-13
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Server AUS (v. 6.2)
Red Hat Enterprise Linux Server EUS (v. 6.2.z)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2011-3607
CVE-2011-3639
CVE-2011-4317
CVE-2012-0031
CVE-2012-0053

Details

Updated httpd packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

The Apache HTTP Server is a popular web server.

It was discovered that the fix for CVE-2011-3368 (released via
RHSA-2011:1391) did not completely address the problem. An attacker could
bypass the fix and make a reverse proxy connect to an arbitrary server not
directly accessible to the attacker by sending an HTTP version 0.9 request,
or by using a specially-crafted URI. (CVE-2011-3639, CVE-2011-4317)

The httpd server included the full HTTP header line in the default error
page generated when receiving an excessively long or malformed header.
Malicious JavaScript running in the server's domain context could use this
flaw to gain access to httpOnly cookies. (CVE-2012-0053)

An integer overflow flaw, leading to a heap-based buffer overflow, was
found in the way httpd performed substitutions in regular expressions. An
attacker able to set certain httpd settings, such as a user permitted to
override the httpd configuration for a specific directory using a
".htaccess" file, could use this flaw to crash the httpd child process or,
possibly, execute arbitrary code with the privileges of the "apache" user.
(CVE-2011-3607)

A flaw was found in the way httpd handled child process status information.
A malicious program running with httpd child process privileges (such as a
PHP or CGI script) could use this flaw to cause the parent httpd process to
crash during httpd service shutdown. (CVE-2012-0031)

All httpd users should upgrade to these updated packages, which contain
backported patches to correct these issues. After installing the updated
packages, the httpd daemon will be restarted automatically.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux Desktop (v. 6)

SRPMS:
httpd-2.2.15-15.el6_2.1.src.rpm
File outdated by:  RHSA-2014:0370
    MD5: 0c0b77f8788aad8642021c06eb2ccd24
SHA-256: 21b1d2ddaf6b55f871c24481b9f27d64dda06feb16268189f34700a4306c967c
 
IA-32:
httpd-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: 71de1f80226f10ce9cdfef14beb99195
SHA-256: b36326067e33206040712474456e31e21660d77c0cdaf0c76b37ab27838a0612
httpd-debuginfo-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: 1119d56326840ff6fcd58b44e7a516a9
SHA-256: 8e9e178dabe916b63b28958ad87b3f60fa5a6cdfdaad09791d25aea16d62f8a5
httpd-devel-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: adad0af311b6cfb1d4e846f9c61dc8ad
SHA-256: fa66425b05b4852759de647dc84ee5c0d483b17c317ec4d959ba9009db2ffd53
httpd-manual-2.2.15-15.el6_2.1.noarch.rpm
File outdated by:  RHSA-2014:0370
    MD5: b81d3a11c7fadb88f42b55eb61d27c27
SHA-256: 0b529221216a0cb45c6a4e02140336ca69e0e4a5ae6afaf15c02c8625076645b
httpd-tools-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: a7f4d292367e64631f2eb08abb160ab0
SHA-256: 79358dfff6d4679923f72bbe0ac8a1053b3bc7d8ac62c7d3aa512f3e659a8e23
mod_ssl-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: 041d02dbb2decfe2d70e69c40b94154a
SHA-256: 3e29d654f72d91caa307c77d50e840589f2169693dd4123a5585631ffadb3ae9
 
x86_64:
httpd-2.2.15-15.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0370
    MD5: 7e4cb37c8f101e03e36a02866582eef3
SHA-256: 54cf423d9312069cdc33566e47b423f2b7bbeeb93d5297b6f5e38efffbabff66
httpd-debuginfo-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: 1119d56326840ff6fcd58b44e7a516a9
SHA-256: 8e9e178dabe916b63b28958ad87b3f60fa5a6cdfdaad09791d25aea16d62f8a5
httpd-debuginfo-2.2.15-15.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0370
    MD5: 2b07e1d11075669dd9f2936ebec7fa31
SHA-256: c78bc6c2d252246be9b6f25ff68b81968b42e50f1b440622c44fe1de64081b68
httpd-devel-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: adad0af311b6cfb1d4e846f9c61dc8ad
SHA-256: fa66425b05b4852759de647dc84ee5c0d483b17c317ec4d959ba9009db2ffd53
httpd-devel-2.2.15-15.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0370
    MD5: 08fa18e60fc8472292203666a3516630
SHA-256: 6ba1734770a96737b15918a9dea802ec0d014d19b8510ca91974c404dbc9d2ec
httpd-manual-2.2.15-15.el6_2.1.noarch.rpm
File outdated by:  RHSA-2014:0370
    MD5: b81d3a11c7fadb88f42b55eb61d27c27
SHA-256: 0b529221216a0cb45c6a4e02140336ca69e0e4a5ae6afaf15c02c8625076645b
httpd-tools-2.2.15-15.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0370
    MD5: 5d9057bb37af9e19f2144836d9c26435
SHA-256: 696aa73d033fabccaaa6459b2de8643adeff0fd8db0b63bced4dd0b3224941dc
mod_ssl-2.2.15-15.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0370
    MD5: f8bca0a762e51534a1796abee8de3f91
SHA-256: cd3792a519d61aba16dca745d6ae542b13c7db29cd5b9c1082e6e8217920be54
 
Red Hat Enterprise Linux HPC Node (v. 6)

SRPMS:
httpd-2.2.15-15.el6_2.1.src.rpm
File outdated by:  RHSA-2014:0370
    MD5: 0c0b77f8788aad8642021c06eb2ccd24
SHA-256: 21b1d2ddaf6b55f871c24481b9f27d64dda06feb16268189f34700a4306c967c
 
x86_64:
httpd-2.2.15-15.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0370
    MD5: 7e4cb37c8f101e03e36a02866582eef3
SHA-256: 54cf423d9312069cdc33566e47b423f2b7bbeeb93d5297b6f5e38efffbabff66
httpd-debuginfo-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: 1119d56326840ff6fcd58b44e7a516a9
SHA-256: 8e9e178dabe916b63b28958ad87b3f60fa5a6cdfdaad09791d25aea16d62f8a5
httpd-debuginfo-2.2.15-15.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0370
    MD5: 2b07e1d11075669dd9f2936ebec7fa31
SHA-256: c78bc6c2d252246be9b6f25ff68b81968b42e50f1b440622c44fe1de64081b68
httpd-devel-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: adad0af311b6cfb1d4e846f9c61dc8ad
SHA-256: fa66425b05b4852759de647dc84ee5c0d483b17c317ec4d959ba9009db2ffd53
httpd-devel-2.2.15-15.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0370
    MD5: 08fa18e60fc8472292203666a3516630
SHA-256: 6ba1734770a96737b15918a9dea802ec0d014d19b8510ca91974c404dbc9d2ec
httpd-manual-2.2.15-15.el6_2.1.noarch.rpm
File outdated by:  RHSA-2014:0370
    MD5: b81d3a11c7fadb88f42b55eb61d27c27
SHA-256: 0b529221216a0cb45c6a4e02140336ca69e0e4a5ae6afaf15c02c8625076645b
httpd-tools-2.2.15-15.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0370
    MD5: 5d9057bb37af9e19f2144836d9c26435
SHA-256: 696aa73d033fabccaaa6459b2de8643adeff0fd8db0b63bced4dd0b3224941dc
mod_ssl-2.2.15-15.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0370
    MD5: f8bca0a762e51534a1796abee8de3f91
SHA-256: cd3792a519d61aba16dca745d6ae542b13c7db29cd5b9c1082e6e8217920be54
 
Red Hat Enterprise Linux Server (v. 6)

SRPMS:
httpd-2.2.15-15.el6_2.1.src.rpm
File outdated by:  RHSA-2014:0370
    MD5: 0c0b77f8788aad8642021c06eb2ccd24
SHA-256: 21b1d2ddaf6b55f871c24481b9f27d64dda06feb16268189f34700a4306c967c
 
IA-32:
httpd-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: 71de1f80226f10ce9cdfef14beb99195
SHA-256: b36326067e33206040712474456e31e21660d77c0cdaf0c76b37ab27838a0612
httpd-debuginfo-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: 1119d56326840ff6fcd58b44e7a516a9
SHA-256: 8e9e178dabe916b63b28958ad87b3f60fa5a6cdfdaad09791d25aea16d62f8a5
httpd-devel-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: adad0af311b6cfb1d4e846f9c61dc8ad
SHA-256: fa66425b05b4852759de647dc84ee5c0d483b17c317ec4d959ba9009db2ffd53
httpd-manual-2.2.15-15.el6_2.1.noarch.rpm
File outdated by:  RHSA-2014:0370
    MD5: b81d3a11c7fadb88f42b55eb61d27c27
SHA-256: 0b529221216a0cb45c6a4e02140336ca69e0e4a5ae6afaf15c02c8625076645b
httpd-tools-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: a7f4d292367e64631f2eb08abb160ab0
SHA-256: 79358dfff6d4679923f72bbe0ac8a1053b3bc7d8ac62c7d3aa512f3e659a8e23
mod_ssl-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: 041d02dbb2decfe2d70e69c40b94154a
SHA-256: 3e29d654f72d91caa307c77d50e840589f2169693dd4123a5585631ffadb3ae9
 
PPC:
httpd-2.2.15-15.el6_2.1.ppc64.rpm
File outdated by:  RHSA-2014:0370
    MD5: 471ec4758b7986c95c2c998a3d5c4df2
SHA-256: 6002669eeb995498db95f060ec24551fb770ac39c7b85dbe284802b0d2b07a4e
httpd-debuginfo-2.2.15-15.el6_2.1.ppc.rpm
File outdated by:  RHSA-2014:0370
    MD5: 3b4e20aa1f44736da1c0805c0ba0cf12
SHA-256: 4526f02d074dac08171bf6854d6778f771fb9893118038d291ed5da55d80f48e
httpd-debuginfo-2.2.15-15.el6_2.1.ppc64.rpm
File outdated by:  RHSA-2014:0370
    MD5: 5e526b38db6ec9c0828919393955ad61
SHA-256: f2dccd01d2352ce334dd20d1f016bf175b9c5dc31ae70e184f45ecce7ee9e857
httpd-devel-2.2.15-15.el6_2.1.ppc.rpm
File outdated by:  RHSA-2014:0370
    MD5: b381775da65417dc91650c5de332a973
SHA-256: 695f42330df61b3e80902e6c5a458727f54dfec40eaaa46bfc50295f2b913bf3
httpd-devel-2.2.15-15.el6_2.1.ppc64.rpm
File outdated by:  RHSA-2014:0370
    MD5: c6c1eb4a2da9cf293a9adc28e5cfd9f9
SHA-256: 6d6c11400f630b080c58e9185aed1323743963dddb87e6476641e755cc98281c
httpd-manual-2.2.15-15.el6_2.1.noarch.rpm
File outdated by:  RHSA-2014:0370
    MD5: b81d3a11c7fadb88f42b55eb61d27c27
SHA-256: 0b529221216a0cb45c6a4e02140336ca69e0e4a5ae6afaf15c02c8625076645b
httpd-tools-2.2.15-15.el6_2.1.ppc64.rpm
File outdated by:  RHSA-2014:0370
    MD5: bda4390c6ed3e94d741519a923082393
SHA-256: 8530b8c3c5f9e0c7c904c7a8489f08a2404ac13afea23ca54c23829d0438abc0
mod_ssl-2.2.15-15.el6_2.1.ppc64.rpm
File outdated by:  RHSA-2014:0370
    MD5: 2aea3cb6fe22ca594e7be86bcb4ec090
SHA-256: 0d78da7a53af46c2b74c3c69ebc04e529fcf13f7cec5ff2aa5829279b3040009
 
s390x:
httpd-2.2.15-15.el6_2.1.s390x.rpm
File outdated by:  RHSA-2014:0370
    MD5: 6d9c09b5d2829f8a6960ff1ae0d06847
SHA-256: 36f10f2cd3be41c404e095595b7c5b56eea2ba37a81cd8422f9261c237d29dc2
httpd-debuginfo-2.2.15-15.el6_2.1.s390.rpm
File outdated by:  RHSA-2014:0370
    MD5: d272693e5c5fa0fa6d61aa358aa02523
SHA-256: 6bc9eba5032c24e2917d007c0cc6d9ab3771a6eeed1f7ab100808a5ce5cb9bbe
httpd-debuginfo-2.2.15-15.el6_2.1.s390x.rpm
File outdated by:  RHSA-2014:0370
    MD5: a4a68c8eaaf9da1462a0ba560b782c38
SHA-256: 0af4ab5c5d4f96858116b81629d248e8af0dcdcd2c1120b8f7e5a6013742d27a
httpd-devel-2.2.15-15.el6_2.1.s390.rpm
File outdated by:  RHSA-2014:0370
    MD5: 640c8936aadb231194bcfaa8132c2c32
SHA-256: 218881ff00bd4686dadaa8c999b04a9d3874d1857b8e06d5c73a60c984196904
httpd-devel-2.2.15-15.el6_2.1.s390x.rpm
File outdated by:  RHSA-2014:0370
    MD5: ad911bd98802baa7ad2b9f550edf17b0
SHA-256: 8c3d4b64a1d49c893d017538a3cd9a6e827b9dc48a3290a10d1fdf99e6cbef2d
httpd-manual-2.2.15-15.el6_2.1.noarch.rpm
File outdated by:  RHSA-2014:0370
    MD5: b81d3a11c7fadb88f42b55eb61d27c27
SHA-256: 0b529221216a0cb45c6a4e02140336ca69e0e4a5ae6afaf15c02c8625076645b
httpd-tools-2.2.15-15.el6_2.1.s390x.rpm
File outdated by:  RHSA-2014:0370
    MD5: ff2ab6fb363ee9ef4dd2013932266263
SHA-256: e6834dbc8032549a0737261f0e26a7b4e006223b0df4f6a24acfdeb4897e11fa
mod_ssl-2.2.15-15.el6_2.1.s390x.rpm
File outdated by:  RHSA-2014:0370
    MD5: 96eaed41c8c10ad647ccdc684fa5cb44
SHA-256: f65305b5e3b6b9fb3a9c8ae5685d5a21cd53c3f313c25e77ff30ffc6700fbec4
 
x86_64:
httpd-2.2.15-15.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0370
    MD5: 7e4cb37c8f101e03e36a02866582eef3
SHA-256: 54cf423d9312069cdc33566e47b423f2b7bbeeb93d5297b6f5e38efffbabff66
httpd-debuginfo-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: 1119d56326840ff6fcd58b44e7a516a9
SHA-256: 8e9e178dabe916b63b28958ad87b3f60fa5a6cdfdaad09791d25aea16d62f8a5
httpd-debuginfo-2.2.15-15.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0370
    MD5: 2b07e1d11075669dd9f2936ebec7fa31
SHA-256: c78bc6c2d252246be9b6f25ff68b81968b42e50f1b440622c44fe1de64081b68
httpd-devel-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: adad0af311b6cfb1d4e846f9c61dc8ad
SHA-256: fa66425b05b4852759de647dc84ee5c0d483b17c317ec4d959ba9009db2ffd53
httpd-devel-2.2.15-15.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0370
    MD5: 08fa18e60fc8472292203666a3516630
SHA-256: 6ba1734770a96737b15918a9dea802ec0d014d19b8510ca91974c404dbc9d2ec
httpd-manual-2.2.15-15.el6_2.1.noarch.rpm
File outdated by:  RHSA-2014:0370
    MD5: b81d3a11c7fadb88f42b55eb61d27c27
SHA-256: 0b529221216a0cb45c6a4e02140336ca69e0e4a5ae6afaf15c02c8625076645b
httpd-tools-2.2.15-15.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0370
    MD5: 5d9057bb37af9e19f2144836d9c26435
SHA-256: 696aa73d033fabccaaa6459b2de8643adeff0fd8db0b63bced4dd0b3224941dc
mod_ssl-2.2.15-15.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0370
    MD5: f8bca0a762e51534a1796abee8de3f91
SHA-256: cd3792a519d61aba16dca745d6ae542b13c7db29cd5b9c1082e6e8217920be54
 
Red Hat Enterprise Linux Server AUS (v. 6.2)

SRPMS:
httpd-2.2.15-15.el6_2.1.src.rpm
File outdated by:  RHSA-2014:0370
    MD5: 0c0b77f8788aad8642021c06eb2ccd24
SHA-256: 21b1d2ddaf6b55f871c24481b9f27d64dda06feb16268189f34700a4306c967c
 
x86_64:
httpd-2.2.15-15.el6_2.1.x86_64.rpm     MD5: 7e4cb37c8f101e03e36a02866582eef3
SHA-256: 54cf423d9312069cdc33566e47b423f2b7bbeeb93d5297b6f5e38efffbabff66
httpd-debuginfo-2.2.15-15.el6_2.1.i686.rpm     MD5: 1119d56326840ff6fcd58b44e7a516a9
SHA-256: 8e9e178dabe916b63b28958ad87b3f60fa5a6cdfdaad09791d25aea16d62f8a5
httpd-debuginfo-2.2.15-15.el6_2.1.x86_64.rpm     MD5: 2b07e1d11075669dd9f2936ebec7fa31
SHA-256: c78bc6c2d252246be9b6f25ff68b81968b42e50f1b440622c44fe1de64081b68
httpd-devel-2.2.15-15.el6_2.1.i686.rpm     MD5: adad0af311b6cfb1d4e846f9c61dc8ad
SHA-256: fa66425b05b4852759de647dc84ee5c0d483b17c317ec4d959ba9009db2ffd53
httpd-devel-2.2.15-15.el6_2.1.x86_64.rpm     MD5: 08fa18e60fc8472292203666a3516630
SHA-256: 6ba1734770a96737b15918a9dea802ec0d014d19b8510ca91974c404dbc9d2ec
httpd-manual-2.2.15-15.el6_2.1.noarch.rpm     MD5: b81d3a11c7fadb88f42b55eb61d27c27
SHA-256: 0b529221216a0cb45c6a4e02140336ca69e0e4a5ae6afaf15c02c8625076645b
httpd-tools-2.2.15-15.el6_2.1.x86_64.rpm     MD5: 5d9057bb37af9e19f2144836d9c26435
SHA-256: 696aa73d033fabccaaa6459b2de8643adeff0fd8db0b63bced4dd0b3224941dc
mod_ssl-2.2.15-15.el6_2.1.x86_64.rpm     MD5: f8bca0a762e51534a1796abee8de3f91
SHA-256: cd3792a519d61aba16dca745d6ae542b13c7db29cd5b9c1082e6e8217920be54
 
Red Hat Enterprise Linux Server EUS (v. 6.2.z)

SRPMS:
httpd-2.2.15-15.el6_2.1.src.rpm
File outdated by:  RHSA-2014:0370
    MD5: 0c0b77f8788aad8642021c06eb2ccd24
SHA-256: 21b1d2ddaf6b55f871c24481b9f27d64dda06feb16268189f34700a4306c967c
 
IA-32:
httpd-2.2.15-15.el6_2.1.i686.rpm     MD5: 71de1f80226f10ce9cdfef14beb99195
SHA-256: b36326067e33206040712474456e31e21660d77c0cdaf0c76b37ab27838a0612
httpd-debuginfo-2.2.15-15.el6_2.1.i686.rpm     MD5: 1119d56326840ff6fcd58b44e7a516a9
SHA-256: 8e9e178dabe916b63b28958ad87b3f60fa5a6cdfdaad09791d25aea16d62f8a5
httpd-devel-2.2.15-15.el6_2.1.i686.rpm     MD5: adad0af311b6cfb1d4e846f9c61dc8ad
SHA-256: fa66425b05b4852759de647dc84ee5c0d483b17c317ec4d959ba9009db2ffd53
httpd-manual-2.2.15-15.el6_2.1.noarch.rpm     MD5: b81d3a11c7fadb88f42b55eb61d27c27
SHA-256: 0b529221216a0cb45c6a4e02140336ca69e0e4a5ae6afaf15c02c8625076645b
httpd-tools-2.2.15-15.el6_2.1.i686.rpm     MD5: a7f4d292367e64631f2eb08abb160ab0
SHA-256: 79358dfff6d4679923f72bbe0ac8a1053b3bc7d8ac62c7d3aa512f3e659a8e23
mod_ssl-2.2.15-15.el6_2.1.i686.rpm     MD5: 041d02dbb2decfe2d70e69c40b94154a
SHA-256: 3e29d654f72d91caa307c77d50e840589f2169693dd4123a5585631ffadb3ae9
 
PPC:
httpd-2.2.15-15.el6_2.1.ppc64.rpm     MD5: 471ec4758b7986c95c2c998a3d5c4df2
SHA-256: 6002669eeb995498db95f060ec24551fb770ac39c7b85dbe284802b0d2b07a4e
httpd-debuginfo-2.2.15-15.el6_2.1.ppc.rpm     MD5: 3b4e20aa1f44736da1c0805c0ba0cf12
SHA-256: 4526f02d074dac08171bf6854d6778f771fb9893118038d291ed5da55d80f48e
httpd-debuginfo-2.2.15-15.el6_2.1.ppc64.rpm     MD5: 5e526b38db6ec9c0828919393955ad61
SHA-256: f2dccd01d2352ce334dd20d1f016bf175b9c5dc31ae70e184f45ecce7ee9e857
httpd-devel-2.2.15-15.el6_2.1.ppc.rpm     MD5: b381775da65417dc91650c5de332a973
SHA-256: 695f42330df61b3e80902e6c5a458727f54dfec40eaaa46bfc50295f2b913bf3
httpd-devel-2.2.15-15.el6_2.1.ppc64.rpm     MD5: c6c1eb4a2da9cf293a9adc28e5cfd9f9
SHA-256: 6d6c11400f630b080c58e9185aed1323743963dddb87e6476641e755cc98281c
httpd-manual-2.2.15-15.el6_2.1.noarch.rpm     MD5: b81d3a11c7fadb88f42b55eb61d27c27
SHA-256: 0b529221216a0cb45c6a4e02140336ca69e0e4a5ae6afaf15c02c8625076645b
httpd-tools-2.2.15-15.el6_2.1.ppc64.rpm     MD5: bda4390c6ed3e94d741519a923082393
SHA-256: 8530b8c3c5f9e0c7c904c7a8489f08a2404ac13afea23ca54c23829d0438abc0
mod_ssl-2.2.15-15.el6_2.1.ppc64.rpm     MD5: 2aea3cb6fe22ca594e7be86bcb4ec090
SHA-256: 0d78da7a53af46c2b74c3c69ebc04e529fcf13f7cec5ff2aa5829279b3040009
 
s390x:
httpd-2.2.15-15.el6_2.1.s390x.rpm     MD5: 6d9c09b5d2829f8a6960ff1ae0d06847
SHA-256: 36f10f2cd3be41c404e095595b7c5b56eea2ba37a81cd8422f9261c237d29dc2
httpd-debuginfo-2.2.15-15.el6_2.1.s390.rpm     MD5: d272693e5c5fa0fa6d61aa358aa02523
SHA-256: 6bc9eba5032c24e2917d007c0cc6d9ab3771a6eeed1f7ab100808a5ce5cb9bbe
httpd-debuginfo-2.2.15-15.el6_2.1.s390x.rpm     MD5: a4a68c8eaaf9da1462a0ba560b782c38
SHA-256: 0af4ab5c5d4f96858116b81629d248e8af0dcdcd2c1120b8f7e5a6013742d27a
httpd-devel-2.2.15-15.el6_2.1.s390.rpm     MD5: 640c8936aadb231194bcfaa8132c2c32
SHA-256: 218881ff00bd4686dadaa8c999b04a9d3874d1857b8e06d5c73a60c984196904
httpd-devel-2.2.15-15.el6_2.1.s390x.rpm     MD5: ad911bd98802baa7ad2b9f550edf17b0
SHA-256: 8c3d4b64a1d49c893d017538a3cd9a6e827b9dc48a3290a10d1fdf99e6cbef2d
httpd-manual-2.2.15-15.el6_2.1.noarch.rpm     MD5: b81d3a11c7fadb88f42b55eb61d27c27
SHA-256: 0b529221216a0cb45c6a4e02140336ca69e0e4a5ae6afaf15c02c8625076645b
httpd-tools-2.2.15-15.el6_2.1.s390x.rpm     MD5: ff2ab6fb363ee9ef4dd2013932266263
SHA-256: e6834dbc8032549a0737261f0e26a7b4e006223b0df4f6a24acfdeb4897e11fa
mod_ssl-2.2.15-15.el6_2.1.s390x.rpm     MD5: 96eaed41c8c10ad647ccdc684fa5cb44
SHA-256: f65305b5e3b6b9fb3a9c8ae5685d5a21cd53c3f313c25e77ff30ffc6700fbec4
 
x86_64:
httpd-2.2.15-15.el6_2.1.x86_64.rpm     MD5: 7e4cb37c8f101e03e36a02866582eef3
SHA-256: 54cf423d9312069cdc33566e47b423f2b7bbeeb93d5297b6f5e38efffbabff66
httpd-debuginfo-2.2.15-15.el6_2.1.i686.rpm     MD5: 1119d56326840ff6fcd58b44e7a516a9
SHA-256: 8e9e178dabe916b63b28958ad87b3f60fa5a6cdfdaad09791d25aea16d62f8a5
httpd-debuginfo-2.2.15-15.el6_2.1.x86_64.rpm     MD5: 2b07e1d11075669dd9f2936ebec7fa31
SHA-256: c78bc6c2d252246be9b6f25ff68b81968b42e50f1b440622c44fe1de64081b68
httpd-devel-2.2.15-15.el6_2.1.i686.rpm     MD5: adad0af311b6cfb1d4e846f9c61dc8ad
SHA-256: fa66425b05b4852759de647dc84ee5c0d483b17c317ec4d959ba9009db2ffd53
httpd-devel-2.2.15-15.el6_2.1.x86_64.rpm     MD5: 08fa18e60fc8472292203666a3516630
SHA-256: 6ba1734770a96737b15918a9dea802ec0d014d19b8510ca91974c404dbc9d2ec
httpd-manual-2.2.15-15.el6_2.1.noarch.rpm     MD5: b81d3a11c7fadb88f42b55eb61d27c27
SHA-256: 0b529221216a0cb45c6a4e02140336ca69e0e4a5ae6afaf15c02c8625076645b
httpd-tools-2.2.15-15.el6_2.1.x86_64.rpm     MD5: 5d9057bb37af9e19f2144836d9c26435
SHA-256: 696aa73d033fabccaaa6459b2de8643adeff0fd8db0b63bced4dd0b3224941dc
mod_ssl-2.2.15-15.el6_2.1.x86_64.rpm     MD5: f8bca0a762e51534a1796abee8de3f91
SHA-256: cd3792a519d61aba16dca745d6ae542b13c7db29cd5b9c1082e6e8217920be54
 
Red Hat Enterprise Linux Workstation (v. 6)

SRPMS:
httpd-2.2.15-15.el6_2.1.src.rpm
File outdated by:  RHSA-2014:0370
    MD5: 0c0b77f8788aad8642021c06eb2ccd24
SHA-256: 21b1d2ddaf6b55f871c24481b9f27d64dda06feb16268189f34700a4306c967c
 
IA-32:
httpd-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: 71de1f80226f10ce9cdfef14beb99195
SHA-256: b36326067e33206040712474456e31e21660d77c0cdaf0c76b37ab27838a0612
httpd-debuginfo-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: 1119d56326840ff6fcd58b44e7a516a9
SHA-256: 8e9e178dabe916b63b28958ad87b3f60fa5a6cdfdaad09791d25aea16d62f8a5
httpd-devel-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: adad0af311b6cfb1d4e846f9c61dc8ad
SHA-256: fa66425b05b4852759de647dc84ee5c0d483b17c317ec4d959ba9009db2ffd53
httpd-manual-2.2.15-15.el6_2.1.noarch.rpm
File outdated by:  RHSA-2014:0370
    MD5: b81d3a11c7fadb88f42b55eb61d27c27
SHA-256: 0b529221216a0cb45c6a4e02140336ca69e0e4a5ae6afaf15c02c8625076645b
httpd-tools-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: a7f4d292367e64631f2eb08abb160ab0
SHA-256: 79358dfff6d4679923f72bbe0ac8a1053b3bc7d8ac62c7d3aa512f3e659a8e23
mod_ssl-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: 041d02dbb2decfe2d70e69c40b94154a
SHA-256: 3e29d654f72d91caa307c77d50e840589f2169693dd4123a5585631ffadb3ae9
 
x86_64:
httpd-2.2.15-15.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0370
    MD5: 7e4cb37c8f101e03e36a02866582eef3
SHA-256: 54cf423d9312069cdc33566e47b423f2b7bbeeb93d5297b6f5e38efffbabff66
httpd-debuginfo-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: 1119d56326840ff6fcd58b44e7a516a9
SHA-256: 8e9e178dabe916b63b28958ad87b3f60fa5a6cdfdaad09791d25aea16d62f8a5
httpd-debuginfo-2.2.15-15.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0370
    MD5: 2b07e1d11075669dd9f2936ebec7fa31
SHA-256: c78bc6c2d252246be9b6f25ff68b81968b42e50f1b440622c44fe1de64081b68
httpd-devel-2.2.15-15.el6_2.1.i686.rpm
File outdated by:  RHSA-2014:0370
    MD5: adad0af311b6cfb1d4e846f9c61dc8ad
SHA-256: fa66425b05b4852759de647dc84ee5c0d483b17c317ec4d959ba9009db2ffd53
httpd-devel-2.2.15-15.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0370
    MD5: 08fa18e60fc8472292203666a3516630
SHA-256: 6ba1734770a96737b15918a9dea802ec0d014d19b8510ca91974c404dbc9d2ec
httpd-manual-2.2.15-15.el6_2.1.noarch.rpm
File outdated by:  RHSA-2014:0370
    MD5: b81d3a11c7fadb88f42b55eb61d27c27
SHA-256: 0b529221216a0cb45c6a4e02140336ca69e0e4a5ae6afaf15c02c8625076645b
httpd-tools-2.2.15-15.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0370
    MD5: 5d9057bb37af9e19f2144836d9c26435
SHA-256: 696aa73d033fabccaaa6459b2de8643adeff0fd8db0b63bced4dd0b3224941dc
mod_ssl-2.2.15-15.el6_2.1.x86_64.rpm
File outdated by:  RHSA-2014:0370
    MD5: f8bca0a762e51534a1796abee8de3f91
SHA-256: cd3792a519d61aba16dca745d6ae542b13c7db29cd5b9c1082e6e8217920be54
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

752080 - CVE-2011-3639 httpd: http 0.9 request bypass of the reverse proxy vulnerability CVE-2011-3368 fix
756483 - CVE-2011-4317 httpd: uri scheme bypass of the reverse proxy vulnerability CVE-2011-3368 fix
769844 - CVE-2011-3607 httpd: ap_pregsub Integer overflow to buffer overflow
773744 - CVE-2012-0031 httpd: possible crash on shutdown due to flaw in scoreboard handling
785069 - CVE-2012-0053 httpd: cookie exposure due to error responses


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/