[Apollo] Advisories Statistics light light Login

RLSA-2024:2564

Security Mirrored from RHSA-2024:2564
Issued at: 2024-05-10
Updated at: 2024-05-10

Synopsis

Moderate: mod_http2 security update



Description

The mod_h2 Apache httpd module implements the HTTP2 protocol (h2+h2c) on top of libnghttp2 for httpd 2.4 servers.

Security Fix(es):

* mod_http2: httpd: CONTINUATION frames DoS (CVE-2024-27316)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 9 aarch64 Rocky Linux 9 ppc64le Rocky Linux 9 s390x Rocky Linux 9 x86_64

Fixes

2268277

CVEs

CVE-2024-27316

Affected packages

Rocky Linux 9 aarch64 - AppStream

mod_http2-0:2.0.26-2.el9_4.aarch64.rpm mod_http2-0:2.0.26-2.el9_4.src.rpm mod_http2-debuginfo-0:2.0.26-2.el9_4.aarch64.rpm mod_http2-debugsource-0:2.0.26-2.el9_4.aarch64.rpm

Rocky Linux 9 ppc64le - AppStream

mod_http2-0:2.0.26-2.el9_4.ppc64le.rpm mod_http2-0:2.0.26-2.el9_4.src.rpm mod_http2-debuginfo-0:2.0.26-2.el9_4.ppc64le.rpm mod_http2-debugsource-0:2.0.26-2.el9_4.ppc64le.rpm

Rocky Linux 9 s390x - AppStream

mod_http2-0:2.0.26-2.el9_4.s390x.rpm mod_http2-0:2.0.26-2.el9_4.src.rpm mod_http2-debuginfo-0:2.0.26-2.el9_4.s390x.rpm mod_http2-debugsource-0:2.0.26-2.el9_4.s390x.rpm

Rocky Linux 9 x86_64 - AppStream

mod_http2-0:2.0.26-2.el9_4.src.rpm mod_http2-0:2.0.26-2.el9_4.x86_64.rpm mod_http2-debuginfo-0:2.0.26-2.el9_4.x86_64.rpm mod_http2-debugsource-0:2.0.26-2.el9_4.x86_64.rpm