Security Advisory Moderate: httpd security update

Advisory: RHSA-2009:1108-1
Type: Security Advisory
Severity: Moderate
Issued on: 2009-06-16
Last updated on: 2009-06-16
Affected Products: Red Hat Desktop (v. 3)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 3)
CVEs (cve.mitre.org): CVE-2009-0023
CVE-2009-1955
CVE-2009-1956

Details

Updated httpd packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 3.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

The Apache HTTP Server is a popular Web server. The httpd package shipped
with Red Hat Enterprise Linux 3 contains an embedded copy of the Apache
Portable Runtime (APR) utility library, a free library of C data structures
and routines, which includes interfaces to support XML parsing, LDAP
connections, database interfaces, URI parsing, and more.

An off-by-one overflow flaw was found in the way apr-util processed a
variable list of arguments. An attacker could provide a specially-crafted
string as input for the formatted output conversion routine, which could,
on big-endian platforms, potentially lead to the disclosure of sensitive
information or a denial of service (application crash). (CVE-2009-1956)

Note: The CVE-2009-1956 flaw only affects big-endian platforms, such as the
IBM S/390 and PowerPC. It does not affect users of the httpd package on
little-endian platforms, because those platforms use a different byte
ordering to represent the data involved.

A denial of service flaw was found in the apr-util Extensible Markup
Language (XML) parser. A remote attacker could create a specially-crafted
XML document that would cause excessive memory consumption when processed
by the XML decoding engine. (CVE-2009-1955)
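A pre-parse check for the entity-expansion class of flaw described above (CVE-2009-1955), as an added example that is not part of the advisory or of apr-util: it estimates from the DTD declarations alone how large the document body would become once entities are expanded, and refuses documents that exceed a byte budget or that define entities recursively. The sample document is constructed, and the function names and default limit are assumptions.

```python
import re

# Constructed sample, not from the advisory: a three-level entity-expansion
# document of the kind described for CVE-2009-1955. Four references per
# level turn four bytes into 4 * 4 * 4 = 64; real attacks nest ~10 levels.
SAMPLE_XML = """<?xml version="1.0"?>
<!DOCTYPE data [
  <!ENTITY a "xxxx">
  <!ENTITY b "&a;&a;&a;&a;">
  <!ENTITY c "&b;&b;&b;&b;">
]>
<data>&c;</data>"""

INTERNAL_SUBSET = re.compile(r"<!DOCTYPE[^\[>]*\[(.*?)\]\s*>", re.DOTALL)
ENTITY_DECL = re.compile(r"<!ENTITY\s+([\w.:-]+)\s+([\"'])(.*?)\2\s*>", re.DOTALL)
ENTITY_REF = re.compile(r"&([\w.:-]+);")

def expanded_size(name, entities, cache, stack):
    """Bytes a reference to `name` expands to, computed from the declarations
    alone (nothing is expanded). Raises ValueError on a reference cycle."""
    if name in cache:
        return cache[name]
    if name in stack:
        raise ValueError(f"recursive entity reference: {name}")
    value = entities.get(name)
    if value is None:  # undeclared, predefined or external: count it literally
        return len(name) + 2
    stack.add(name)
    total = len(ENTITY_REF.sub("", value))  # literal text between references
    total += sum(expanded_size(r, entities, cache, stack) for r in ENTITY_REF.findall(value))
    stack.discard(name)
    cache[name] = total
    return total

def estimate_expansion(xml_text):
    """Total bytes the document body's entity references would expand to,
    using only the internal DTD subset. Raises ValueError on a cycle."""
    m = INTERNAL_SUBSET.search(xml_text)
    body = xml_text[m.end():] if m else xml_text  # body after the DTD
    entities = {n: v for n, _q, v in ENTITY_DECL.findall(m.group(1))} if m else {}
    cache = {}
    return sum(expanded_size(r, entities, cache, set()) for r in ENTITY_REF.findall(body))

def safe_to_parse(xml_text, limit=1_000_000):
    """Accept only documents whose expansion fits `limit` and has no cycles."""
    try:
        return estimate_expansion(xml_text) <= limit
    except ValueError:
        return False
```

The estimate is deliberately conservative: undeclared and predefined entities are counted as their literal reference, so a clean document never fails the check on their account.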

A heap-based underwrite flaw was found in the way apr-util created compiled
forms of particular search patterns. An attacker could formulate a
specially-crafted search keyword that would overwrite arbitrary heap
memory locations when processed by the pattern preparation engine.
(CVE-2009-0023)

All httpd users should upgrade to these updated packages, which contain
backported patches to correct these issues. After installing the updated
packages, the httpd daemon must be restarted for the update to take effect.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Desktop (v. 3)

SRPMS:
httpd-2.0.46-73.ent.src.rpm
File outdated by:  RHSA-2009:1579
    MD5: 62eb0e66e0e05029288bebd0f7a80e5f
 
IA-32:
httpd-2.0.46-73.ent.i386.rpm
File outdated by:  RHSA-2009:1579
    MD5: d514129721d603db537d52a572c9be0c
httpd-devel-2.0.46-73.ent.i386.rpm
File outdated by:  RHSA-2009:1579
    MD5: 591c48ac6cdac94bec4257a0bfa7641b
mod_ssl-2.0.46-73.ent.i386.rpm
File outdated by:  RHSA-2009:1579
    MD5: e04fb5b8f79822490f50446adaf3900c
 
x86_64:
httpd-2.0.46-73.ent.x86_64.rpm
File outdated by:  RHSA-2009:1579
    MD5: df318410800118787f4dc9863fad186f
httpd-devel-2.0.46-73.ent.x86_64.rpm
File outdated by:  RHSA-2009:1579
    MD5: c9b3d9ac38e69882f7a309e547b887a8
mod_ssl-2.0.46-73.ent.x86_64.rpm
File outdated by:  RHSA-2009:1579
    MD5: 45c106457079a3a740bec20846209aad
 
Red Hat Enterprise Linux AS (v. 3)

SRPMS:
httpd-2.0.46-73.ent.src.rpm
File outdated by:  RHSA-2009:1579
    MD5: 62eb0e66e0e05029288bebd0f7a80e5f
 
IA-32:
httpd-2.0.46-73.ent.i386.rpm
File outdated by:  RHSA-2009:1579
    MD5: d514129721d603db537d52a572c9be0c
httpd-devel-2.0.46-73.ent.i386.rpm
File outdated by:  RHSA-2009:1579
    MD5: 591c48ac6cdac94bec4257a0bfa7641b
mod_ssl-2.0.46-73.ent.i386.rpm
File outdated by:  RHSA-2009:1579
    MD5: e04fb5b8f79822490f50446adaf3900c
 
IA-64:
httpd-2.0.46-73.ent.ia64.rpm
File outdated by:  RHSA-2009:1579
    MD5: 6da50bd0baa0c265d89e18e51e3aeb57
httpd-devel-2.0.46-73.ent.ia64.rpm
File outdated by:  RHSA-2009:1579
    MD5: 9c4c04a7f0dec8d7b272e7d7454a0159
mod_ssl-2.0.46-73.ent.ia64.rpm
File outdated by:  RHSA-2009:1579
    MD5: 51520d90badaf55fb3c704af02a90fc4
 
PPC:
httpd-2.0.46-73.ent.ppc.rpm
File outdated by:  RHSA-2009:1579
    MD5: 1ea35b6fe9f195387f74e770bea7f038
httpd-devel-2.0.46-73.ent.ppc.rpm
File outdated by:  RHSA-2009:1579
    MD5: ce040d3b374616a08c0d7500b97dc90e
mod_ssl-2.0.46-73.ent.ppc.rpm
File outdated by:  RHSA-2009:1579
    MD5: 7270f074a5dfd242eedd893170b6c2fe
 
s390:
httpd-2.0.46-73.ent.s390.rpm
File outdated by:  RHSA-2009:1579
    MD5: 5d839ae3846edb31bc746fc04b94610c
httpd-devel-2.0.46-73.ent.s390.rpm
File outdated by:  RHSA-2009:1579
    MD5: b18347c6bf8d2aa93b2f34fd5732be65
mod_ssl-2.0.46-73.ent.s390.rpm
File outdated by:  RHSA-2009:1579
    MD5: f7319b17a444c1e5f338fa47a7a73f62
 
s390x:
httpd-2.0.46-73.ent.s390x.rpm
File outdated by:  RHSA-2009:1579
    MD5: 3fa49b51ffd1144e26cd639f82f3627b
httpd-devel-2.0.46-73.ent.s390x.rpm
File outdated by:  RHSA-2009:1579
    MD5: 80606920b668fb11a71b1ae316c3c867
mod_ssl-2.0.46-73.ent.s390x.rpm
File outdated by:  RHSA-2009:1579
    MD5: 760e2fe590dcd7f5834651f258183c5b
 
x86_64:
httpd-2.0.46-73.ent.x86_64.rpm
File outdated by:  RHSA-2009:1579
    MD5: df318410800118787f4dc9863fad186f
httpd-devel-2.0.46-73.ent.x86_64.rpm
File outdated by:  RHSA-2009:1579
    MD5: c9b3d9ac38e69882f7a309e547b887a8
mod_ssl-2.0.46-73.ent.x86_64.rpm
File outdated by:  RHSA-2009:1579
    MD5: 45c106457079a3a740bec20846209aad
 
Red Hat Enterprise Linux ES (v. 3)

SRPMS:
httpd-2.0.46-73.ent.src.rpm
File outdated by:  RHSA-2009:1579
    MD5: 62eb0e66e0e05029288bebd0f7a80e5f
 
IA-32:
httpd-2.0.46-73.ent.i386.rpm
File outdated by:  RHSA-2009:1579
    MD5: d514129721d603db537d52a572c9be0c
httpd-devel-2.0.46-73.ent.i386.rpm
File outdated by:  RHSA-2009:1579
    MD5: 591c48ac6cdac94bec4257a0bfa7641b
mod_ssl-2.0.46-73.ent.i386.rpm
File outdated by:  RHSA-2009:1579
    MD5: e04fb5b8f79822490f50446adaf3900c
 
IA-64:
httpd-2.0.46-73.ent.ia64.rpm
File outdated by:  RHSA-2009:1579
    MD5: 6da50bd0baa0c265d89e18e51e3aeb57
httpd-devel-2.0.46-73.ent.ia64.rpm
File outdated by:  RHSA-2009:1579
    MD5: 9c4c04a7f0dec8d7b272e7d7454a0159
mod_ssl-2.0.46-73.ent.ia64.rpm
File outdated by:  RHSA-2009:1579
    MD5: 51520d90badaf55fb3c704af02a90fc4
 
x86_64:
httpd-2.0.46-73.ent.x86_64.rpm
File outdated by:  RHSA-2009:1579
    MD5: df318410800118787f4dc9863fad186f
httpd-devel-2.0.46-73.ent.x86_64.rpm
File outdated by:  RHSA-2009:1579
    MD5: c9b3d9ac38e69882f7a309e547b887a8
mod_ssl-2.0.46-73.ent.x86_64.rpm
File outdated by:  RHSA-2009:1579
    MD5: 45c106457079a3a740bec20846209aad
 
Red Hat Enterprise Linux WS (v. 3)

SRPMS:
httpd-2.0.46-73.ent.src.rpm
File outdated by:  RHSA-2009:1579
    MD5: 62eb0e66e0e05029288bebd0f7a80e5f
 
IA-32:
httpd-2.0.46-73.ent.i386.rpm
File outdated by:  RHSA-2009:1579
    MD5: d514129721d603db537d52a572c9be0c
httpd-devel-2.0.46-73.ent.i386.rpm
File outdated by:  RHSA-2009:1579
    MD5: 591c48ac6cdac94bec4257a0bfa7641b
mod_ssl-2.0.46-73.ent.i386.rpm
File outdated by:  RHSA-2009:1579
    MD5: e04fb5b8f79822490f50446adaf3900c
 
IA-64:
httpd-2.0.46-73.ent.ia64.rpm
File outdated by:  RHSA-2009:1579
    MD5: 6da50bd0baa0c265d89e18e51e3aeb57
httpd-devel-2.0.46-73.ent.ia64.rpm
File outdated by:  RHSA-2009:1579
    MD5: 9c4c04a7f0dec8d7b272e7d7454a0159
mod_ssl-2.0.46-73.ent.ia64.rpm
File outdated by:  RHSA-2009:1579
    MD5: 51520d90badaf55fb3c704af02a90fc4
 
x86_64:
httpd-2.0.46-73.ent.x86_64.rpm
File outdated by:  RHSA-2009:1579
    MD5: df318410800118787f4dc9863fad186f
httpd-devel-2.0.46-73.ent.x86_64.rpm
File outdated by:  RHSA-2009:1579
    MD5: c9b3d9ac38e69882f7a309e547b887a8
mod_ssl-2.0.46-73.ent.x86_64.rpm
File outdated by:  RHSA-2009:1579
    MD5: 45c106457079a3a740bec20846209aad
 

Bugs fixed (see bugzilla for more information)

503928 - CVE-2009-0023 apr-util heap buffer underwrite
504390 - CVE-2009-1956 apr-util single NULL byte buffer overflow
504555 - CVE-2009-1955 apr-util billion laughs attack

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/