Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2017-7679 (GCVE-0-2017-7679)
Vulnerability from cvelistv5 – Published: 2017-06-20 01:00 – Updated: 2024-08-05 16:12
VLAI?
EPSS
Summary
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.
Severity ?
No CVSS data available.
CWE
- CWE-126 - Buffer Overread (CWE-126)
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Apache Software Foundation | Apache HTTP Server |
Affected:
2.2.0 to 2.2.32
Affected: 2.4.0 to 2.4.25 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:12:27.904Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208221"
},
{
"name": "RHSA-2017:2479",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
},
{
"name": "RHSA-2017:2483",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180601-0002/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.nomachine.com/SU08O00185"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us"
},
{
"name": "RHSA-2017:3475",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
},
{
"name": "[dev] 20170619 CVE-2017-7679: mod_mime buffer overread",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751%40%3Cdev.httpd.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03821en_us"
},
{
"name": "RHSA-2017:3195",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "99170",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99170"
},
{
"name": "RHSA-2017:3476",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
},
{
"name": "RHSA-2017:3477",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
},
{
"name": "DSA-3896",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3896"
},
{
"name": "RHSA-2017:3194",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"name": "RHSA-2017:3193",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"name": "1038711",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038711"
},
{
"name": "GLSA-201710-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201710-32"
},
{
"name": "RHSA-2017:2478",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2019-09"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [11/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [11/13] - /httpd/site/trunk/content/security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [11/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache HTTP Server",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "2.2.0 to 2.2.32"
},
{
"status": "affected",
"version": "2.4.0 to 2.4.25"
}
]
}
],
"datePublic": "2017-06-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-126",
"description": "Buffer Overread (CWE-126)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-06T10:12:10",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208221"
},
{
"name": "RHSA-2017:2479",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
},
{
"name": "RHSA-2017:2483",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180601-0002/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.nomachine.com/SU08O00185"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us"
},
{
"name": "RHSA-2017:3475",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
},
{
"name": "[dev] 20170619 CVE-2017-7679: mod_mime buffer overread",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751%40%3Cdev.httpd.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03821en_us"
},
{
"name": "RHSA-2017:3195",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "99170",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99170"
},
{
"name": "RHSA-2017:3476",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
},
{
"name": "RHSA-2017:3477",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
},
{
"name": "DSA-3896",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3896"
},
{
"name": "RHSA-2017:3194",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"name": "RHSA-2017:3193",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"name": "1038711",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038711"
},
{
"name": "GLSA-201710-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201710-32"
},
{
"name": "RHSA-2017:2478",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2019-09"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [11/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [11/13] - /httpd/site/trunk/content/security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [11/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2017-7679",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
{
"version_value": "2.2.0 to 2.2.32"
},
{
"version_value": "2.4.0 to 2.4.25"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overread (CWE-126)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT208221",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208221"
},
{
"name": "RHSA-2017:2479",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
},
{
"name": "RHSA-2017:2483",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
},
{
"name": "https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679",
"refsource": "MISC",
"url": "https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180601-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180601-0002/"
},
{
"name": "https://www.nomachine.com/SU08O00185",
"refsource": "CONFIRM",
"url": "https://www.nomachine.com/SU08O00185"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us"
},
{
"name": "RHSA-2017:3475",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
},
{
"name": "[dev] 20170619 CVE-2017-7679: mod_mime buffer overread",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751@%3Cdev.httpd.apache.org%3E"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03821en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03821en_us"
},
{
"name": "RHSA-2017:3195",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "99170",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99170"
},
{
"name": "RHSA-2017:3476",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
},
{
"name": "RHSA-2017:3477",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
},
{
"name": "DSA-3896",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3896"
},
{
"name": "RHSA-2017:3194",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"name": "RHSA-2017:3193",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"name": "1038711",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038711"
},
{
"name": "GLSA-201710-32",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201710-32"
},
{
"name": "RHSA-2017:2478",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "https://www.tenable.com/security/tns-2019-09",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2019-09"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [11/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [11/13] - /httpd/site/trunk/content/security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [11/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2017-7679",
"datePublished": "2017-06-20T01:00:00",
"dateReserved": "2017-04-11T00:00:00",
"dateUpdated": "2024-08-05T16:12:27.904Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.2.0\", \"versionEndExcluding\": \"2.2.33\", \"matchCriteriaId\": \"288DBB49-70C3-44FD-B0F1-620FF9A21984\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.4.0\", \"versionEndExcluding\": \"2.4.26\", \"matchCriteriaId\": \"62198456-19E7-49D4-80C2-0008C43AC925\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.\"}, {\"lang\": \"es\", \"value\": \"En Apache httpd, en versiones 2.2.x anteriores a la 2.2.33 y versiones 2.4.x anteriores a la 2.4.26, mod_mime puede leer un byte m\\u00e1s all\\u00e1 del final de un b\\u00fafer cuando est\\u00e1 enviando una cabecera de respuesta del tipo Content maliciosa.\"}]",
"id": "CVE-2017-7679",
"lastModified": "2024-11-21T03:32:26.843",
"metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": true, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2017-06-20T01:29:00.423",
"references": "[{\"url\": \"http://www.debian.org/security/2017/dsa-3896\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\", \"source\": \"security@apache.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/99170\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1038711\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2478\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2479\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2483\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3193\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3194\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3195\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3475\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3476\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3477\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679\", \"source\": \"security@apache.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751%40%3Cdev.httpd.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"security@apache.org\"}, {\"url\": \"https://security.gentoo.org/glsa/201710-32\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180601-0002/\", \"source\": \"security@apache.org\"}, {\"url\": \"https://support.apple.com/HT208221\", \"source\": \"security@apache.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03821en_us\", \"source\": \"security@apache.org\"}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us\", \"source\": \"security@apache.org\"}, {\"url\": \"https://www.nomachine.com/SU08O00185\", \"source\": \"security@apache.org\", \"tags\": [\"Mitigation\", \"Third Party Advisory\"]}, {\"url\": \"https://www.tenable.com/security/tns-2019-09\", \"source\": \"security@apache.org\"}, {\"url\": \"http://www.debian.org/security/2017/dsa-3896\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/99170\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id/1038711\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2478\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2479\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2483\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3193\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3194\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3195\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3475\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3476\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:3477\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751%40%3Cdev.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://security.gentoo.org/glsa/201710-32\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20180601-0002/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.apple.com/HT208221\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03821en_us\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.nomachine.com/SU08O00185\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mitigation\", \"Third Party Advisory\"]}, {\"url\": \"https://www.tenable.com/security/tns-2019-09\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"security@apache.org\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-126\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-119\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2017-7679\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2017-06-20T01:29:00.423\",\"lastModified\":\"2025-04-20T01:37:25.860\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.\"},{\"lang\":\"es\",\"value\":\"En Apache httpd, en versiones 2.2.x anteriores a la 2.2.33 y versiones 2.4.x anteriores a la 2.4.26, mod_mime puede leer un byte m\u00e1s all\u00e1 del final de un b\u00fafer cuando est\u00e1 enviando una cabecera de respuesta del tipo Content maliciosa.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":true,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-126\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.2.0\",\"versionEndExcluding\":\"2.2.33\",\"matchCriteriaId\":\"288DBB49-70C3-44FD-B0F1-620FF9A21984\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.4.0\",\"versionEndExcluding\":\"2.4.26\",\"matchCriteriaId\":\"62198456-19E7-49D4-80C2-0008C43AC925\"}]}]}],\"references\":[{\"url\":\"http://www.debian.org/security/2017/dsa-3896\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/99170\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038711\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2478\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2479\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2483\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3193\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3194\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3195\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3475\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3476\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3477\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679\",\"source\":\"security@apache.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751%40%3Cdev.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://security.gentoo.org/glsa/201710-32\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20180601-0002/\",\"source\":\"security@apache.org\"},{\"url\":\"https://support.apple.com/HT208221\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03821en_us\",\"source\":\"security@apache.org\"},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us\",\"source\":\"security@apache.org\"},{\"url\":\"https://www.nomachine.com/SU08O00185\",\"source\":\"security@apache.org\",\"tags\":[\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2019-09\",\"source\":\"security@apache.org\"},{\"url\":\"http://www.debian.org/security/2017/dsa-3896\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/99170\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038711\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2478\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2479\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2483\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3193\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3194\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3195\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3475\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3476\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3477\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751%40%3Cdev.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://security.gentoo.org/glsa/201710-32\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20180601-0002/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.apple.com/HT208221\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03821en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.nomachine.com/SU08O00185\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mitigation\",\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2019-09\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
FKIE_CVE-2017-7679
Vulnerability from fkie_nvd - Published: 2017-06-20 01:29 - Updated: 2025-04-20 01:37
Severity ?
Summary
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.
References
| URL | Tags | ||
|---|---|---|---|
| security@apache.org | http://www.debian.org/security/2017/dsa-3896 | Third Party Advisory | |
| security@apache.org | http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | Patch, Third Party Advisory | |
| security@apache.org | http://www.securityfocus.com/bid/99170 | Third Party Advisory, VDB Entry | |
| security@apache.org | http://www.securitytracker.com/id/1038711 | Third Party Advisory, VDB Entry | |
| security@apache.org | https://access.redhat.com/errata/RHSA-2017:2478 | Third Party Advisory | |
| security@apache.org | https://access.redhat.com/errata/RHSA-2017:2479 | Third Party Advisory | |
| security@apache.org | https://access.redhat.com/errata/RHSA-2017:2483 | Third Party Advisory | |
| security@apache.org | https://access.redhat.com/errata/RHSA-2017:3193 | Third Party Advisory | |
| security@apache.org | https://access.redhat.com/errata/RHSA-2017:3194 | Third Party Advisory | |
| security@apache.org | https://access.redhat.com/errata/RHSA-2017:3195 | Third Party Advisory | |
| security@apache.org | https://access.redhat.com/errata/RHSA-2017:3475 | Third Party Advisory | |
| security@apache.org | https://access.redhat.com/errata/RHSA-2017:3476 | Third Party Advisory | |
| security@apache.org | https://access.redhat.com/errata/RHSA-2017:3477 | Third Party Advisory | |
| security@apache.org | https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679 | Exploit, Third Party Advisory | |
| security@apache.org | https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E | ||
| security@apache.org | https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E | ||
| security@apache.org | https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E | ||
| security@apache.org | https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751%40%3Cdev.httpd.apache.org%3E | ||
| security@apache.org | https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E | ||
| security@apache.org | https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E | ||
| security@apache.org | https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E | ||
| security@apache.org | https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E | ||
| security@apache.org | https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E | ||
| security@apache.org | https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E | ||
| security@apache.org | https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E | ||
| security@apache.org | https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E | ||
| security@apache.org | https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E | ||
| security@apache.org | https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E | ||
| security@apache.org | https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E | ||
| security@apache.org | https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E | ||
| security@apache.org | https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E | ||
| security@apache.org | https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E | ||
| security@apache.org | https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E | ||
| security@apache.org | https://security.gentoo.org/glsa/201710-32 | Third Party Advisory | |
| security@apache.org | https://security.netapp.com/advisory/ntap-20180601-0002/ | ||
| security@apache.org | https://support.apple.com/HT208221 | Third Party Advisory | |
| security@apache.org | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03821en_us | ||
| security@apache.org | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_us | ||
| security@apache.org | https://www.nomachine.com/SU08O00185 | Mitigation, Third Party Advisory | |
| security@apache.org | https://www.tenable.com/security/tns-2019-09 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2017/dsa-3896 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html | Patch, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/99170 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1038711 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:2478 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:2479 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:2483 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:3193 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:3194 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:3195 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:3475 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:3476 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://access.redhat.com/errata/RHSA-2017:3477 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751%40%3Cdev.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/201710-32 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://security.netapp.com/advisory/ntap-20180601-0002/ | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://support.apple.com/HT208221 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03821en_us | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03908en_us | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.nomachine.com/SU08O00185 | Mitigation, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.tenable.com/security/tns-2019-09 |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| apache | http_server | * | |
| apache | http_server | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "288DBB49-70C3-44FD-B0F1-620FF9A21984",
"versionEndExcluding": "2.2.33",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"matchCriteriaId": "62198456-19E7-49D4-80C2-0008C43AC925",
"versionEndExcluding": "2.4.26",
"versionStartIncluding": "2.4.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header."
},
{
"lang": "es",
"value": "En Apache httpd, en versiones 2.2.x anteriores a la 2.2.33 y versiones 2.4.x anteriores a la 2.4.26, mod_mime puede leer un byte m\u00e1s all\u00e1 del final de un b\u00fafer cuando est\u00e1 enviando una cabecera de respuesta del tipo Content maliciosa."
}
],
"id": "CVE-2017-7679",
"lastModified": "2025-04-20T01:37:25.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-20T01:29:00.423",
"references": [
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3896"
},
{
"source": "security@apache.org",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99170"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038711"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
},
{
"source": "security@apache.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751%40%3Cdev.httpd.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "security@apache.org",
"url": "https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201710-32"
},
{
"source": "security@apache.org",
"url": "https://security.netapp.com/advisory/ntap-20180601-0002/"
},
{
"source": "security@apache.org",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT208221"
},
{
"source": "security@apache.org",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03821en_us"
},
{
"source": "security@apache.org",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us"
},
{
"source": "security@apache.org",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.nomachine.com/SU08O00185"
},
{
"source": "security@apache.org",
"url": "https://www.tenable.com/security/tns-2019-09"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3896"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99170"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038711"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751%40%3Cdev.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201710-32"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://security.netapp.com/advisory/ntap-20180601-0002/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT208221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03821en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.nomachine.com/SU08O00185"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.tenable.com/security/tns-2019-09"
}
],
"sourceIdentifier": "security@apache.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-126"
}
],
"source": "security@apache.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
RHSA-2017:3193
Vulnerability from csaf_redhat - Published: 2017-11-13 17:35 - Updated: 2025-11-21 18:02Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 7.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)
Red Hat would like to thank Hanno Böck for reporting CVE-2017-9798.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd is now available for Red Hat Enterprise Linux 7.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno B\u00f6ck for reporting CVE-2017-9798.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3193",
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3193.json"
}
],
"title": "Red Hat Security Advisory: httpd security update",
"tracking": {
"current_release_date": "2025-11-21T18:02:50+00:00",
"generator": {
"date": "2025-11-21T18:02:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:3193",
"initial_release_date": "2017-11-13T17:35:40+00:00",
"revision_history": [
{
"date": "2017-11-13T17:35:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-11-13T17:35:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:02:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.2::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product": {
"name": "Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.2::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.2::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"product_id": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-40.el7_2.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "mod_session-0:2.4.6-40.el7_2.6.x86_64",
"product_id": "mod_session-0:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-40.el7_2.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"product_id": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-40.el7_2.6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"product_id": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-40.el7_2.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"product_id": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-40.el7_2.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"product_id": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-40.el7_2.6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"product_id": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-40.el7_2.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "httpd-0:2.4.6-40.el7_2.6.x86_64",
"product_id": "httpd-0:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-40.el7_2.6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"product_id": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-40.el7_2.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "mod_session-0:2.4.6-40.el7_2.6.s390x",
"product_id": "mod_session-0:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-40.el7_2.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"product_id": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-40.el7_2.6?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"product_id": "mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-40.el7_2.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"product_id": "httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-40.el7_2.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"product_id": "mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-40.el7_2.6?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"product_id": "httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-40.el7_2.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "httpd-0:2.4.6-40.el7_2.6.s390x",
"product_id": "httpd-0:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-40.el7_2.6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"product_id": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-40.el7_2.6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64",
"product_id": "mod_session-0:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-40.el7_2.6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"product_id": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-40.el7_2.6?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"product_id": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-40.el7_2.6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"product_id": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-40.el7_2.6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"product_id": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-40.el7_2.6?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"product_id": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-40.el7_2.6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64",
"product_id": "httpd-0:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-40.el7_2.6?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"product_id": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-40.el7_2.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"product_id": "mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-40.el7_2.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"product_id": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-40.el7_2.6?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"product_id": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-40.el7_2.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"product_id": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-40.el7_2.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"product_id": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-40.el7_2.6?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"product_id": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-40.el7_2.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64le",
"product_id": "httpd-0:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-40.el7_2.6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.6-40.el7_2.6.src",
"product": {
"name": "httpd-0:2.4.6-40.el7_2.6.src",
"product_id": "httpd-0:2.4.6-40.el7_2.6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-40.el7_2.6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"product": {
"name": "httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"product_id": "httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.4.6-40.el7_2.6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.src as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.src",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-40.el7_2.6.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.src",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-40.el7_2.6.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.src as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.src",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-40.el7_2.6.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:35:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:35:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7668",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463205"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_find_token() buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7668"
},
{
"category": "external",
"summary": "RHBZ#1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:35:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_find_token() buffer overread"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:35:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"cve": "CVE-2017-9788",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2017-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1470748"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Uninitialized memory reflection in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "RHBZ#1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27"
}
],
"release_date": "2017-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:35:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"category": "workaround",
"details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Uninitialized memory reflection in mod_auth_digest"
},
{
"acknowledgments": [
{
"names": [
"Hanno B\u00f6ck"
]
}
],
"cve": "CVE-2017-9798",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1490344"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "RHBZ#1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798"
},
{
"category": "external",
"summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"
}
],
"release_date": "2017-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:35:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"category": "workaround",
"details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)"
}
]
}
RHSA-2017:3477
Vulnerability from csaf_redhat - Published: 2017-12-15 22:34 - Updated: 2025-11-21 18:03Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update
Notes
Topic
An update is now available for JBoss Core Services on RHEL 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as an update to Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)
Red Hat would like to thank Hanno Böck for reporting CVE-2017-9798.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for JBoss Core Services on RHEL 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as an update to Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References. \n\nSecurity Fix(es):\n\n* An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno B\u00f6ck for reporting CVE-2017-9798.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3477",
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "JBCS-403",
"url": "https://issues.redhat.com/browse/JBCS-403"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3477.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update",
"tracking": {
"current_release_date": "2025-11-21T18:03:11+00:00",
"generator": {
"date": "2025-11-21T18:03:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:3477",
"initial_release_date": "2017-12-15T22:34:40+00:00",
"revision_history": [
{
"date": "2017-12-15T22:34:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-12-15T22:34:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:03:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services on RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.23-125.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-libs@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.23-125.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx@0.9.6-15.GA.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx-debuginfo@0.9.6-15.GA.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.8-1.Final_redhat_1.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.8-1.Final_redhat_1.jbcs.el6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.23-125.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-libs@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.23-125.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx@0.9.6-15.GA.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx-debuginfo@0.9.6-15.GA.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.8-1.Final_redhat_1.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.8-1.Final_redhat_1.jbcs.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"product_id": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.23-125.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"product_id": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx@0.9.6-15.GA.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.8-1.Final_redhat_1.jbcs.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"product": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"product_id": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.23-125.jbcs.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch"
},
"product_reference": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:34:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:34:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:34:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"acknowledgments": [
{
"names": [
"Hanno B\u00f6ck"
]
}
],
"cve": "CVE-2017-9798",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1490344"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "RHBZ#1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798"
},
{
"category": "external",
"summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"
}
],
"release_date": "2017-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:34:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
},
{
"category": "workaround",
"details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)"
},
{
"cve": "CVE-2017-12613",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-10-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506523"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apr: Out-of-bounds array deref in apr_time_exp*() functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12613"
},
{
"category": "external",
"summary": "RHBZ#1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/apr/Announcement1.x.html",
"url": "http://www.apache.org/dist/apr/Announcement1.x.html"
}
],
"release_date": "2017-10-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:34:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apr: Out-of-bounds array deref in apr_time_exp*() functions"
}
]
}
RHSA-2017_2483
Vulnerability from csaf_redhat - Published: 2017-08-16 23:04 - Updated: 2024-11-14 23:36Summary
Red Hat Security Advisory: httpd24-httpd security update
Notes
Topic
An update for httpd24-httpd is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A NULL pointer dereference flaw was found in the mod_http2 module of httpd. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP/2 request. (CVE-2017-7659)
* A buffer over-read flaw was found in the httpd's ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd24-httpd is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A NULL pointer dereference flaw was found in the mod_http2 module of httpd. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP/2 request. (CVE-2017-7659)\n\n* A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2483",
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463199"
},
{
"category": "external",
"summary": "1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2483.json"
}
],
"title": "Red Hat Security Advisory: httpd24-httpd security update",
"tracking": {
"current_release_date": "2024-11-14T23:36:29+00:00",
"generator": {
"date": "2024-11-14T23:36:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2017:2483",
"initial_release_date": "2017-08-16T23:04:17+00:00",
"revision_history": [
{
"date": "2017-08-16T23:04:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-08-16T23:04:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T23:36:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Software Collections"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-debuginfo@2.4.25-9.el7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_proxy_html@2.4.25-9.el7.1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_session@2.4.25-9.el7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ldap@2.4.25-9.el7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-tools@2.4.25-9.el7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd@2.4.25-9.el7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-devel@2.4.25-9.el7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ssl@2.4.25-9.el7.1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ssl@2.4.25-9.el6.1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_session@2.4.25-9.el6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ldap@2.4.25-9.el6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd@2.4.25-9.el6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-devel@2.4.25-9.el6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-tools@2.4.25-9.el6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_proxy_html@2.4.25-9.el6.1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-debuginfo@2.4.25-9.el6.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"product": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"product_id": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-manual@2.4.25-9.el7.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"product": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"product_id": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-manual@2.4.25-9.el6.1?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd24-httpd-0:2.4.25-9.el7.1.src",
"product": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.src",
"product_id": "httpd24-httpd-0:2.4.25-9.el7.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd@2.4.25-9.el7.1?arch=src"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-0:2.4.25-9.el6.1.src",
"product": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.src",
"product_id": "httpd24-httpd-0:2.4.25-9.el6.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd@2.4.25-9.el6.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el6.1.src",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch"
},
"product_reference": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el6.1.src",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch"
},
"product_reference": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el6.1.src",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch"
},
"product_reference": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el7.1.src",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch"
},
"product_reference": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el7.1.src",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch"
},
"product_reference": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el7.1.src",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch"
},
"product_reference": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-16T23:04:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-16T23:04:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7659",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463199"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the mod_http2 module of httpd. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP/2 request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_http2 NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7659"
},
{
"category": "external",
"summary": "RHBZ#1463199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463199"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7659",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7659"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7659",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7659"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-16T23:04:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_http2 NULL pointer dereference"
},
{
"cve": "CVE-2017-7668",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463205"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_find_token() buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7668"
},
{
"category": "external",
"summary": "RHBZ#1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-16T23:04:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_find_token() buffer overread"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-16T23:04:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"cve": "CVE-2017-9788",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2017-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1470748"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Uninitialized memory reflection in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "RHBZ#1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27"
}
],
"release_date": "2017-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-16T23:04:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
},
{
"category": "workaround",
"details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Uninitialized memory reflection in mod_auth_digest"
}
]
}
RHSA-2017_3475
Vulnerability from csaf_redhat - Published: 2017-12-15 22:23 - Updated: 2024-11-14 23:39Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update
Notes
Topic
An update is now available for Red Hat JBoss Core Services.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as a replacement of Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes (including fixes from previous Service Pack 1 and 2), which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)
Red Hat would like to thank Hanno Böck for reporting CVE-2017-9798.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Core Services.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as a replacement of Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes (including fixes from previous Service Pack 1 and 2), which are documented in the Release Notes document linked to in the References. \n\nSecurity Fix(es):\n\n* An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno B\u00f6ck for reporting CVE-2017-9798.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3475",
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp\u0026downloadType=securityPatches\u0026version=2.4.23",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp\u0026downloadType=securityPatches\u0026version=2.4.23"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "JBCS-404",
"url": "https://issues.redhat.com/browse/JBCS-404"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3475.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update",
"tracking": {
"current_release_date": "2024-11-14T23:39:55+00:00",
"generator": {
"date": "2024-11-14T23:39:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2017:3475",
"initial_release_date": "2017-12-15T22:23:06+00:00",
"revision_history": [
{
"date": "2017-12-15T22:23:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-12-15T22:23:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T23:39:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services 1",
"product": {
"name": "Red Hat JBoss Core Services 1",
"product_id": "Red Hat JBoss Core Services 1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:23:06+00:00",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:23:06+00:00",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:23:06+00:00",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"acknowledgments": [
{
"names": [
"Hanno B\u00f6ck"
]
}
],
"cve": "CVE-2017-9798",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1490344"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "RHBZ#1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798"
},
{
"category": "external",
"summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"
}
],
"release_date": "2017-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:23:06+00:00",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
},
{
"category": "workaround",
"details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)"
},
{
"cve": "CVE-2017-12613",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-10-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506523"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apr: Out-of-bounds array deref in apr_time_exp*() functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12613"
},
{
"category": "external",
"summary": "RHBZ#1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/apr/Announcement1.x.html",
"url": "http://www.apache.org/dist/apr/Announcement1.x.html"
}
],
"release_date": "2017-10-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:23:06+00:00",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apr: Out-of-bounds array deref in apr_time_exp*() functions"
}
]
}
RHSA-2017:2479
Vulnerability from csaf_redhat - Published: 2017-08-15 18:23 - Updated: 2025-11-21 18:02Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2479",
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2479.json"
}
],
"title": "Red Hat Security Advisory: httpd security update",
"tracking": {
"current_release_date": "2025-11-21T18:02:00+00:00",
"generator": {
"date": "2025-11-21T18:02:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:2479",
"initial_release_date": "2017-08-15T18:23:44+00:00",
"revision_history": [
{
"date": "2017-08-15T18:23:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-08-15T18:23:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:02:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"product_id": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-67.el7_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"product_id": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-67.el7_4.2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"product_id": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-67.el7_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"product_id": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-67.el7_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"product_id": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-67.el7_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"product_id": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-67.el7_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"product_id": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-67.el7_4.2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"product_id": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-67.el7_4.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"product": {
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"product_id": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.4.6-67.el7_4.2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.6-67.el7_4.2.src",
"product": {
"name": "httpd-0:2.4.6-67.el7_4.2.src",
"product_id": "httpd-0:2.4.6-67.el7_4.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-67.el7_4.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"product_id": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-67.el7_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"product_id": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-67.el7_4.2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"product_id": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-67.el7_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"product_id": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-67.el7_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "httpd-0:2.4.6-67.el7_4.2.s390x",
"product_id": "httpd-0:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-67.el7_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"product_id": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-67.el7_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"product_id": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-67.el7_4.2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"product_id": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-67.el7_4.2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"product_id": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-67.el7_4.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"product_id": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-67.el7_4.2?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"product_id": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-67.el7_4.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"product_id": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-67.el7_4.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"product_id": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-67.el7_4.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"product_id": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-67.el7_4.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"product_id": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-67.el7_4.2?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"product_id": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-67.el7_4.2?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"product_id": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-67.el7_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"product_id": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-67.el7_4.2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"product_id": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-67.el7_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"product_id": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-67.el7_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"product_id": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-67.el7_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"product_id": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-67.el7_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"product_id": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-67.el7_4.2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"product_id": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-67.el7_4.2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"product": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"product_id": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-67.el7_4.2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"product_id": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-67.el7_4.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"product": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"product_id": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-67.el7_4.2?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.src",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.src",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.src",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.src",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.src",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.src",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-15T18:23:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-15T18:23:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7668",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463205"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_find_token() buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7668"
},
{
"category": "external",
"summary": "RHBZ#1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-15T18:23:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_find_token() buffer overread"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-15T18:23:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"cve": "CVE-2017-9788",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2017-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1470748"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Uninitialized memory reflection in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "RHBZ#1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27"
}
],
"release_date": "2017-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-15T18:23:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
},
{
"category": "workaround",
"details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.",
"product_ids": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Uninitialized memory reflection in mod_auth_digest"
}
]
}
RHSA-2017:2483
Vulnerability from csaf_redhat - Published: 2017-08-16 23:04 - Updated: 2025-11-21 18:02Summary
Red Hat Security Advisory: httpd24-httpd security update
Notes
Topic
An update for httpd24-httpd is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A NULL pointer dereference flaw was found in the mod_http2 module of httpd. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP/2 request. (CVE-2017-7659)
* A buffer over-read flaw was found in the httpd's ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd24-httpd is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A NULL pointer dereference flaw was found in the mod_http2 module of httpd. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP/2 request. (CVE-2017-7659)\n\n* A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2483",
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463199"
},
{
"category": "external",
"summary": "1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2483.json"
}
],
"title": "Red Hat Security Advisory: httpd24-httpd security update",
"tracking": {
"current_release_date": "2025-11-21T18:02:01+00:00",
"generator": {
"date": "2025-11-21T18:02:01+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:2483",
"initial_release_date": "2017-08-16T23:04:17+00:00",
"revision_history": [
{
"date": "2017-08-16T23:04:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-08-16T23:04:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:02:01+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Software Collections"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-debuginfo@2.4.25-9.el7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_proxy_html@2.4.25-9.el7.1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_session@2.4.25-9.el7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ldap@2.4.25-9.el7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-tools@2.4.25-9.el7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd@2.4.25-9.el7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-devel@2.4.25-9.el7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ssl@2.4.25-9.el7.1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ssl@2.4.25-9.el6.1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_session@2.4.25-9.el6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ldap@2.4.25-9.el6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd@2.4.25-9.el6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-devel@2.4.25-9.el6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-tools@2.4.25-9.el6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_proxy_html@2.4.25-9.el6.1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-debuginfo@2.4.25-9.el6.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"product": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"product_id": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-manual@2.4.25-9.el7.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"product": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"product_id": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-manual@2.4.25-9.el6.1?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd24-httpd-0:2.4.25-9.el7.1.src",
"product": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.src",
"product_id": "httpd24-httpd-0:2.4.25-9.el7.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd@2.4.25-9.el7.1?arch=src"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-0:2.4.25-9.el6.1.src",
"product": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.src",
"product_id": "httpd24-httpd-0:2.4.25-9.el6.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd@2.4.25-9.el6.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el6.1.src",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch"
},
"product_reference": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el6.1.src",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch"
},
"product_reference": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el6.1.src",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch"
},
"product_reference": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el7.1.src",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch"
},
"product_reference": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el7.1.src",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch"
},
"product_reference": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el7.1.src",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch"
},
"product_reference": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-16T23:04:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-16T23:04:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7659",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463199"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the mod_http2 module of httpd. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP/2 request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_http2 NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7659"
},
{
"category": "external",
"summary": "RHBZ#1463199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463199"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7659",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7659"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7659",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7659"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-16T23:04:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_http2 NULL pointer dereference"
},
{
"cve": "CVE-2017-7668",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463205"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_find_token() buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7668"
},
{
"category": "external",
"summary": "RHBZ#1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-16T23:04:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_find_token() buffer overread"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-16T23:04:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"cve": "CVE-2017-9788",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2017-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1470748"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Uninitialized memory reflection in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "RHBZ#1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27"
}
],
"release_date": "2017-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-16T23:04:17+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
},
{
"category": "workaround",
"details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Uninitialized memory reflection in mod_auth_digest"
}
]
}
RHSA-2017:3476
Vulnerability from csaf_redhat - Published: 2017-12-15 22:34 - Updated: 2025-11-21 18:03Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update
Notes
Topic
An update is now available for JBoss Core Services on RHEL 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as an update to Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)
Red Hat would like to thank Hanno Böck for reporting CVE-2017-9798.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for JBoss Core Services on RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as an update to Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno B\u00f6ck for reporting CVE-2017-9798.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3476",
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "JBCS-402",
"url": "https://issues.redhat.com/browse/JBCS-402"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3476.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update",
"tracking": {
"current_release_date": "2025-11-21T18:03:11+00:00",
"generator": {
"date": "2025-11-21T18:03:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:3476",
"initial_release_date": "2017-12-15T22:34:21+00:00",
"revision_history": [
{
"date": "2017-12-15T22:34:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-12-15T22:34:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:03:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services on RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.23-125.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.23-125.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-libs@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx@0.9.6-15.GA.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx-debuginfo@0.9.6-15.GA.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.8-1.Final_redhat_1.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.8-1.Final_redhat_1.jbcs.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"product_id": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.23-125.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx@0.9.6-15.GA.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.8-1.Final_redhat_1.jbcs.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"product": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"product_id": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.23-125.jbcs.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch"
},
"product_reference": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:34:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:34:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:34:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"acknowledgments": [
{
"names": [
"Hanno B\u00f6ck"
]
}
],
"cve": "CVE-2017-9798",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1490344"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "RHBZ#1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798"
},
{
"category": "external",
"summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"
}
],
"release_date": "2017-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:34:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
},
{
"category": "workaround",
"details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)"
},
{
"cve": "CVE-2017-12613",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-10-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506523"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apr: Out-of-bounds array deref in apr_time_exp*() functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12613"
},
{
"category": "external",
"summary": "RHBZ#1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/apr/Announcement1.x.html",
"url": "http://www.apache.org/dist/apr/Announcement1.x.html"
}
],
"release_date": "2017-10-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:34:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apr: Out-of-bounds array deref in apr_time_exp*() functions"
}
]
}
RHSA-2017_2479
Vulnerability from csaf_redhat - Published: 2017-08-15 18:23 - Updated: 2024-11-14 23:36Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2479",
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2479.json"
}
],
"title": "Red Hat Security Advisory: httpd security update",
"tracking": {
"current_release_date": "2024-11-14T23:36:03+00:00",
"generator": {
"date": "2024-11-14T23:36:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2017:2479",
"initial_release_date": "2017-08-15T18:23:44+00:00",
"revision_history": [
{
"date": "2017-08-15T18:23:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-08-15T18:23:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T23:36:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"product_id": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-67.el7_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"product_id": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-67.el7_4.2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"product_id": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-67.el7_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"product_id": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-67.el7_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"product_id": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-67.el7_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"product_id": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-67.el7_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"product_id": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-67.el7_4.2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"product_id": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-67.el7_4.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"product": {
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"product_id": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.4.6-67.el7_4.2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.6-67.el7_4.2.src",
"product": {
"name": "httpd-0:2.4.6-67.el7_4.2.src",
"product_id": "httpd-0:2.4.6-67.el7_4.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-67.el7_4.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"product_id": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-67.el7_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"product_id": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-67.el7_4.2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"product_id": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-67.el7_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"product_id": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-67.el7_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "httpd-0:2.4.6-67.el7_4.2.s390x",
"product_id": "httpd-0:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-67.el7_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"product_id": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-67.el7_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"product_id": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-67.el7_4.2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"product_id": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-67.el7_4.2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"product_id": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-67.el7_4.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"product_id": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-67.el7_4.2?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"product_id": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-67.el7_4.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"product_id": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-67.el7_4.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"product_id": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-67.el7_4.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"product_id": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-67.el7_4.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"product_id": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-67.el7_4.2?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"product_id": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-67.el7_4.2?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"product_id": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-67.el7_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"product_id": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-67.el7_4.2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"product_id": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-67.el7_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"product_id": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-67.el7_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"product_id": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-67.el7_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"product_id": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-67.el7_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"product_id": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-67.el7_4.2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"product_id": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-67.el7_4.2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"product": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"product_id": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-67.el7_4.2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"product_id": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-67.el7_4.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"product": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"product_id": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-67.el7_4.2?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.src",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.src",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.src",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.src",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.src",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.src",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-15T18:23:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-15T18:23:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7668",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463205"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_find_token() buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7668"
},
{
"category": "external",
"summary": "RHBZ#1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-15T18:23:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_find_token() buffer overread"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-15T18:23:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"cve": "CVE-2017-9788",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2017-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1470748"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Uninitialized memory reflection in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "RHBZ#1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27"
}
],
"release_date": "2017-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-15T18:23:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
},
{
"category": "workaround",
"details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.",
"product_ids": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Uninitialized memory reflection in mod_auth_digest"
}
]
}
RHSA-2017:3194
Vulnerability from csaf_redhat - Published: 2017-11-13 17:36 - Updated: 2025-11-21 18:02Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 7.3 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)
Red Hat would like to thank Hanno Böck for reporting CVE-2017-9798.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd is now available for Red Hat Enterprise Linux 7.3 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno B\u00f6ck for reporting CVE-2017-9798.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3194",
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3194.json"
}
],
"title": "Red Hat Security Advisory: httpd security update",
"tracking": {
"current_release_date": "2025-11-21T18:02:49+00:00",
"generator": {
"date": "2025-11-21T18:02:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:3194",
"initial_release_date": "2017-11-13T17:36:28+00:00",
"revision_history": [
{
"date": "2017-11-13T17:36:28+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-11-13T17:36:28+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:02:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.3::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product": {
"name": "Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.3::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.3::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"product_id": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-45.el7_3.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"product_id": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-45.el7_3.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"product_id": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-45.el7_3.5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "mod_session-0:2.4.6-45.el7_3.5.x86_64",
"product_id": "mod_session-0:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-45.el7_3.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"product_id": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-45.el7_3.5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"product_id": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-45.el7_3.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "httpd-0:2.4.6-45.el7_3.5.x86_64",
"product_id": "httpd-0:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-45.el7_3.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"product_id": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-45.el7_3.5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"product_id": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-45.el7_3.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"product_id": "mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-45.el7_3.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"product_id": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-45.el7_3.5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "mod_session-0:2.4.6-45.el7_3.5.s390x",
"product_id": "mod_session-0:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-45.el7_3.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"product_id": "mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-45.el7_3.5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"product_id": "httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-45.el7_3.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "httpd-0:2.4.6-45.el7_3.5.s390x",
"product_id": "httpd-0:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-45.el7_3.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"product_id": "httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-45.el7_3.5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"product_id": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-45.el7_3.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"product_id": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-45.el7_3.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"product_id": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-45.el7_3.5?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64",
"product_id": "mod_session-0:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-45.el7_3.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"product_id": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-45.el7_3.5?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"product_id": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-45.el7_3.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64",
"product_id": "httpd-0:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-45.el7_3.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"product_id": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-45.el7_3.5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"product_id": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-45.el7_3.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"product_id": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-45.el7_3.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"product_id": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-45.el7_3.5?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"product_id": "mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-45.el7_3.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"product_id": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-45.el7_3.5?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"product_id": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-45.el7_3.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64le",
"product_id": "httpd-0:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-45.el7_3.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"product_id": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-45.el7_3.5?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"product": {
"name": "httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"product_id": "httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.4.6-45.el7_3.5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.6-45.el7_3.5.src",
"product": {
"name": "httpd-0:2.4.6-45.el7_3.5.src",
"product_id": "httpd-0:2.4.6-45.el7_3.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-45.el7_3.5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.src as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.src",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-45.el7_3.5.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.src",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-45.el7_3.5.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.src as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.src",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-45.el7_3.5.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:36:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:36:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7668",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463205"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_find_token() buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7668"
},
{
"category": "external",
"summary": "RHBZ#1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:36:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_find_token() buffer overread"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:36:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"cve": "CVE-2017-9788",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2017-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1470748"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Uninitialized memory reflection in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "RHBZ#1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27"
}
],
"release_date": "2017-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:36:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"category": "workaround",
"details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Uninitialized memory reflection in mod_auth_digest"
},
{
"acknowledgments": [
{
"names": [
"Hanno B\u00f6ck"
]
}
],
"cve": "CVE-2017-9798",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1490344"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "RHBZ#1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798"
},
{
"category": "external",
"summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"
}
],
"release_date": "2017-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:36:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"category": "workaround",
"details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)"
}
]
}
RHSA-2017_3195
Vulnerability from csaf_redhat - Published: 2017-11-13 17:35 - Updated: 2024-11-14 23:38Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 6.7 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)
Red Hat would like to thank Hanno Böck for reporting CVE-2017-9798.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd is now available for Red Hat Enterprise Linux 6.7 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno B\u00f6ck for reporting CVE-2017-9798.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3195",
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3195.json"
}
],
"title": "Red Hat Security Advisory: httpd security update",
"tracking": {
"current_release_date": "2024-11-14T23:38:47+00:00",
"generator": {
"date": "2024-11-14T23:38:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2017:3195",
"initial_release_date": "2017-11-13T17:35:58+00:00",
"revision_history": [
{
"date": "2017-11-13T17:35:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-11-13T17:35:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T23:38:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:6.7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:6.7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product": {
"name": "Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:6.7::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.2.15-47.el6_7.5.x86_64",
"product": {
"name": "httpd-0:2.2.15-47.el6_7.5.x86_64",
"product_id": "httpd-0:2.2.15-47.el6_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-47.el6_7.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"product": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"product_id": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-47.el6_7.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"product": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"product_id": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-47.el6_7.5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"product": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"product_id": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7.5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.2.15-47.el6_7.5.src",
"product": {
"name": "httpd-0:2.2.15-47.el6_7.5.src",
"product_id": "httpd-0:2.2.15-47.el6_7.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-47.el6_7.5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"product": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-47.el6_7.5.i686",
"product": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.i686",
"product_id": "httpd-devel-0:2.2.15-47.el6_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-47.el6_7.5.i686",
"product": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.i686",
"product_id": "mod_ssl-1:2.2.15-47.el6_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-47.el6_7.5?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-47.el6_7.5.i686",
"product": {
"name": "httpd-0:2.2.15-47.el6_7.5.i686",
"product_id": "httpd-0:2.2.15-47.el6_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-47.el6_7.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-47.el6_7.5.i686",
"product": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.i686",
"product_id": "httpd-tools-0:2.2.15-47.el6_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-47.el6_7.5?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"product": {
"name": "httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"product_id": "httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.15-47.el6_7.5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"product": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"product_id": "mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-47.el6_7.5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"product": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-47.el6_7.5.s390x",
"product": {
"name": "httpd-0:2.2.15-47.el6_7.5.s390x",
"product_id": "httpd-0:2.2.15-47.el6_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-47.el6_7.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"product": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"product_id": "httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-47.el6_7.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"product": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"product_id": "httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7.5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"product": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7.5?arch=s390"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390",
"product": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390",
"product_id": "httpd-devel-0:2.2.15-47.el6_7.5.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7.5?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"product": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"product_id": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-47.el6_7.5?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"product": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-47.el6_7.5.ppc64",
"product": {
"name": "httpd-0:2.2.15-47.el6_7.5.ppc64",
"product_id": "httpd-0:2.2.15-47.el6_7.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-47.el6_7.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"product": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"product_id": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-47.el6_7.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"product": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"product_id": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7.5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"product": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7.5?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"product": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"product_id": "httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7.5?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.src as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.src",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.s390",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-47.el6_7.5.noarch as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.src as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.src",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.s390",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-47.el6_7.5.noarch as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.src as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.src",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.s390",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-47.el6_7.5.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6Server-6.7.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:35:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:35:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:35:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"cve": "CVE-2017-9788",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2017-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1470748"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Uninitialized memory reflection in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "RHBZ#1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27"
}
],
"release_date": "2017-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:35:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"category": "workaround",
"details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.",
"product_ids": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Uninitialized memory reflection in mod_auth_digest"
},
{
"acknowledgments": [
{
"names": [
"Hanno B\u00f6ck"
]
}
],
"cve": "CVE-2017-9798",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1490344"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "RHBZ#1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798"
},
{
"category": "external",
"summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"
}
],
"release_date": "2017-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:35:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"category": "workaround",
"details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18",
"product_ids": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)"
}
]
}
RHSA-2017_3476
Vulnerability from csaf_redhat - Published: 2017-12-15 22:34 - Updated: 2024-11-14 23:39Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update
Notes
Topic
An update is now available for JBoss Core Services on RHEL 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as an update to Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)
Red Hat would like to thank Hanno Böck for reporting CVE-2017-9798.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for JBoss Core Services on RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as an update to Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno B\u00f6ck for reporting CVE-2017-9798.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3476",
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "JBCS-402",
"url": "https://issues.redhat.com/browse/JBCS-402"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3476.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update",
"tracking": {
"current_release_date": "2024-11-14T23:39:45+00:00",
"generator": {
"date": "2024-11-14T23:39:45+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2017:3476",
"initial_release_date": "2017-12-15T22:34:21+00:00",
"revision_history": [
{
"date": "2017-12-15T22:34:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-12-15T22:34:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T23:39:45+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services on RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.23-125.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.23-125.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-libs@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx@0.9.6-15.GA.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx-debuginfo@0.9.6-15.GA.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.8-1.Final_redhat_1.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.8-1.Final_redhat_1.jbcs.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"product_id": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.23-125.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx@0.9.6-15.GA.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.8-1.Final_redhat_1.jbcs.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"product": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"product_id": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.23-125.jbcs.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch"
},
"product_reference": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:34:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:34:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:34:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"acknowledgments": [
{
"names": [
"Hanno B\u00f6ck"
]
}
],
"cve": "CVE-2017-9798",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1490344"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "RHBZ#1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798"
},
{
"category": "external",
"summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"
}
],
"release_date": "2017-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:34:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
},
{
"category": "workaround",
"details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)"
},
{
"cve": "CVE-2017-12613",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-10-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506523"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apr: Out-of-bounds array deref in apr_time_exp*() functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12613"
},
{
"category": "external",
"summary": "RHBZ#1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/apr/Announcement1.x.html",
"url": "http://www.apache.org/dist/apr/Announcement1.x.html"
}
],
"release_date": "2017-10-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:34:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apr: Out-of-bounds array deref in apr_time_exp*() functions"
}
]
}
RHSA-2017:2478
Vulnerability from csaf_redhat - Published: 2017-08-15 18:11 - Updated: 2025-11-21 18:02Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2478",
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2478.json"
}
],
"title": "Red Hat Security Advisory: httpd security update",
"tracking": {
"current_release_date": "2025-11-21T18:02:00+00:00",
"generator": {
"date": "2025-11-21T18:02:00+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:2478",
"initial_release_date": "2017-08-15T18:11:45+00:00",
"revision_history": [
{
"date": "2017-08-15T18:11:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-08-15T18:11:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:02:00+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"product_id": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-60.el6_9.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"product": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"product_id": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-60.el6_9.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"product": {
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"product_id": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-60.el6_9.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"product": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"product_id": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-60.el6_9.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"product": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"product_id": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-60.el6_9.5?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"product": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"product_id": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-60.el6_9.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"product": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"product_id": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-60.el6_9.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-60.el6_9.5.i686",
"product": {
"name": "httpd-0:2.2.15-60.el6_9.5.i686",
"product_id": "httpd-0:2.2.15-60.el6_9.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-60.el6_9.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"product": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"product_id": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-60.el6_9.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"product": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"product_id": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-60.el6_9.5?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.2.15-60.el6_9.5.src",
"product": {
"name": "httpd-0:2.2.15-60.el6_9.5.src",
"product_id": "httpd-0:2.2.15-60.el6_9.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-60.el6_9.5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"product": {
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"product_id": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.15-60.el6_9.5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"product": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"product_id": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-60.el6_9.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"product": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"product_id": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-60.el6_9.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"product": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"product_id": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-60.el6_9.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"product": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"product_id": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-60.el6_9.5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-60.el6_9.5.s390x",
"product": {
"name": "httpd-0:2.2.15-60.el6_9.5.s390x",
"product_id": "httpd-0:2.2.15-60.el6_9.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-60.el6_9.5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"product": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"product_id": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-60.el6_9.5?arch=s390"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"product": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"product_id": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-60.el6_9.5?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"product": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"product_id": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-60.el6_9.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"product": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"product_id": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-60.el6_9.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"product": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"product_id": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-60.el6_9.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"product": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"product_id": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-60.el6_9.5?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"product": {
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"product_id": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-60.el6_9.5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"product": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"product_id": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-60.el6_9.5?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"product": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"product_id": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-60.el6_9.5?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.src",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.src",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.src",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.src",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.src",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.src",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Workstation-6.9.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-15T18:11:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-15T18:11:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-15T18:11:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"cve": "CVE-2017-9788",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2017-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1470748"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Uninitialized memory reflection in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "RHBZ#1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27"
}
],
"release_date": "2017-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-15T18:11:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
},
{
"category": "workaround",
"details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.",
"product_ids": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Uninitialized memory reflection in mod_auth_digest"
}
]
}
RHSA-2017_2478
Vulnerability from csaf_redhat - Published: 2017-08-15 18:11 - Updated: 2024-11-14 23:36Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2478",
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_2478.json"
}
],
"title": "Red Hat Security Advisory: httpd security update",
"tracking": {
"current_release_date": "2024-11-14T23:36:10+00:00",
"generator": {
"date": "2024-11-14T23:36:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2017:2478",
"initial_release_date": "2017-08-15T18:11:45+00:00",
"revision_history": [
{
"date": "2017-08-15T18:11:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-08-15T18:11:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T23:36:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"product_id": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-60.el6_9.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"product": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"product_id": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-60.el6_9.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"product": {
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"product_id": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-60.el6_9.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"product": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"product_id": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-60.el6_9.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"product": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"product_id": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-60.el6_9.5?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"product": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"product_id": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-60.el6_9.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"product": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"product_id": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-60.el6_9.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-60.el6_9.5.i686",
"product": {
"name": "httpd-0:2.2.15-60.el6_9.5.i686",
"product_id": "httpd-0:2.2.15-60.el6_9.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-60.el6_9.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"product": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"product_id": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-60.el6_9.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"product": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"product_id": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-60.el6_9.5?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.2.15-60.el6_9.5.src",
"product": {
"name": "httpd-0:2.2.15-60.el6_9.5.src",
"product_id": "httpd-0:2.2.15-60.el6_9.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-60.el6_9.5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"product": {
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"product_id": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.15-60.el6_9.5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"product": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"product_id": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-60.el6_9.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"product": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"product_id": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-60.el6_9.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"product": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"product_id": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-60.el6_9.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"product": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"product_id": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-60.el6_9.5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-60.el6_9.5.s390x",
"product": {
"name": "httpd-0:2.2.15-60.el6_9.5.s390x",
"product_id": "httpd-0:2.2.15-60.el6_9.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-60.el6_9.5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"product": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"product_id": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-60.el6_9.5?arch=s390"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"product": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"product_id": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-60.el6_9.5?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"product": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"product_id": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-60.el6_9.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"product": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"product_id": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-60.el6_9.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"product": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"product_id": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-60.el6_9.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"product": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"product_id": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-60.el6_9.5?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"product": {
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"product_id": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-60.el6_9.5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"product": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"product_id": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-60.el6_9.5?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"product": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"product_id": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-60.el6_9.5?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.src",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.src",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.src",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.src",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.src",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.src",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Workstation-6.9.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-15T18:11:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-15T18:11:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-15T18:11:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"cve": "CVE-2017-9788",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2017-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1470748"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Uninitialized memory reflection in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "RHBZ#1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27"
}
],
"release_date": "2017-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-08-15T18:11:45+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
},
{
"category": "workaround",
"details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.",
"product_ids": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Uninitialized memory reflection in mod_auth_digest"
}
]
}
RHSA-2017:3475
Vulnerability from csaf_redhat - Published: 2017-12-15 22:23 - Updated: 2025-11-21 18:03Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update
Notes
Topic
An update is now available for Red Hat JBoss Core Services.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as a replacement of Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes (including fixes from previous Service Pack 1 and 2), which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)
Red Hat would like to thank Hanno Böck for reporting CVE-2017-9798.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Core Services.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as a replacement of Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes (including fixes from previous Service Pack 1 and 2), which are documented in the Release Notes document linked to in the References. \n\nSecurity Fix(es):\n\n* An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno B\u00f6ck for reporting CVE-2017-9798.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3475",
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp\u0026downloadType=securityPatches\u0026version=2.4.23",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp\u0026downloadType=securityPatches\u0026version=2.4.23"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "JBCS-404",
"url": "https://issues.redhat.com/browse/JBCS-404"
},
{
"category": "external",
"summary": "1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3475.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update",
"tracking": {
"current_release_date": "2025-11-21T18:03:11+00:00",
"generator": {
"date": "2025-11-21T18:03:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:3475",
"initial_release_date": "2017-12-15T22:23:06+00:00",
"revision_history": [
{
"date": "2017-12-15T22:23:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-12-15T22:23:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:03:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Text-Only JBCS",
"product": {
"name": "Text-Only JBCS",
"product_id": "Text-Only JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only JBCS"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:23:06+00:00",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Text-Only JBCS"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"Text-Only JBCS"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only JBCS"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:23:06+00:00",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Text-Only JBCS"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"Text-Only JBCS"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only JBCS"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:23:06+00:00",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Text-Only JBCS"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"Text-Only JBCS"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"acknowledgments": [
{
"names": [
"Hanno B\u00f6ck"
]
}
],
"cve": "CVE-2017-9798",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1490344"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only JBCS"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "RHBZ#1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798"
},
{
"category": "external",
"summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"
}
],
"release_date": "2017-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:23:06+00:00",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Text-Only JBCS"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
},
{
"category": "workaround",
"details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18",
"product_ids": [
"Text-Only JBCS"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Text-Only JBCS"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)"
},
{
"cve": "CVE-2017-12613",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-10-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506523"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apr: Out-of-bounds array deref in apr_time_exp*() functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Text-Only JBCS"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12613"
},
{
"category": "external",
"summary": "RHBZ#1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/apr/Announcement1.x.html",
"url": "http://www.apache.org/dist/apr/Announcement1.x.html"
}
],
"release_date": "2017-10-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:23:06+00:00",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Text-Only JBCS"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"Text-Only JBCS"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apr: Out-of-bounds array deref in apr_time_exp*() functions"
}
]
}
RHSA-2017_3477
Vulnerability from csaf_redhat - Published: 2017-12-15 22:34 - Updated: 2024-11-14 23:39Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update
Notes
Topic
An update is now available for JBoss Core Services on RHEL 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as an update to Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)
Red Hat would like to thank Hanno Böck for reporting CVE-2017-9798.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for JBoss Core Services on RHEL 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as an update to Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References. \n\nSecurity Fix(es):\n\n* An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno B\u00f6ck for reporting CVE-2017-9798.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3477",
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "JBCS-403",
"url": "https://issues.redhat.com/browse/JBCS-403"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3477.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update",
"tracking": {
"current_release_date": "2024-11-14T23:39:50+00:00",
"generator": {
"date": "2024-11-14T23:39:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2017:3477",
"initial_release_date": "2017-12-15T22:34:40+00:00",
"revision_history": [
{
"date": "2017-12-15T22:34:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-12-15T22:34:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T23:39:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services on RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.23-125.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-libs@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.23-125.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx@0.9.6-15.GA.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx-debuginfo@0.9.6-15.GA.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.8-1.Final_redhat_1.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.8-1.Final_redhat_1.jbcs.el6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.23-125.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-libs@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.23-125.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx@0.9.6-15.GA.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx-debuginfo@0.9.6-15.GA.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.8-1.Final_redhat_1.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.8-1.Final_redhat_1.jbcs.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"product_id": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.23-125.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"product_id": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx@0.9.6-15.GA.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.8-1.Final_redhat_1.jbcs.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"product": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"product_id": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.23-125.jbcs.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch"
},
"product_reference": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:34:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:34:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:34:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"acknowledgments": [
{
"names": [
"Hanno B\u00f6ck"
]
}
],
"cve": "CVE-2017-9798",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1490344"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "RHBZ#1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798"
},
{
"category": "external",
"summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"
}
],
"release_date": "2017-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:34:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
},
{
"category": "workaround",
"details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)"
},
{
"cve": "CVE-2017-12613",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-10-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506523"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apr: Out-of-bounds array deref in apr_time_exp*() functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12613"
},
{
"category": "external",
"summary": "RHBZ#1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/apr/Announcement1.x.html",
"url": "http://www.apache.org/dist/apr/Announcement1.x.html"
}
],
"release_date": "2017-10-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-12-15T22:34:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apr: Out-of-bounds array deref in apr_time_exp*() functions"
}
]
}
RHSA-2017_3193
Vulnerability from csaf_redhat - Published: 2017-11-13 17:35 - Updated: 2024-11-14 23:38Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 7.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)
Red Hat would like to thank Hanno Böck for reporting CVE-2017-9798.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd is now available for Red Hat Enterprise Linux 7.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno B\u00f6ck for reporting CVE-2017-9798.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3193",
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3193.json"
}
],
"title": "Red Hat Security Advisory: httpd security update",
"tracking": {
"current_release_date": "2024-11-14T23:38:37+00:00",
"generator": {
"date": "2024-11-14T23:38:37+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2017:3193",
"initial_release_date": "2017-11-13T17:35:40+00:00",
"revision_history": [
{
"date": "2017-11-13T17:35:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-11-13T17:35:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T23:38:37+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.2::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product": {
"name": "Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.2::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.2::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"product_id": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-40.el7_2.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "mod_session-0:2.4.6-40.el7_2.6.x86_64",
"product_id": "mod_session-0:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-40.el7_2.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"product_id": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-40.el7_2.6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"product_id": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-40.el7_2.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"product_id": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-40.el7_2.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"product_id": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-40.el7_2.6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"product_id": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-40.el7_2.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "httpd-0:2.4.6-40.el7_2.6.x86_64",
"product_id": "httpd-0:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-40.el7_2.6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"product_id": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-40.el7_2.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "mod_session-0:2.4.6-40.el7_2.6.s390x",
"product_id": "mod_session-0:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-40.el7_2.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"product_id": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-40.el7_2.6?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"product_id": "mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-40.el7_2.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"product_id": "httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-40.el7_2.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"product_id": "mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-40.el7_2.6?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"product_id": "httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-40.el7_2.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "httpd-0:2.4.6-40.el7_2.6.s390x",
"product_id": "httpd-0:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-40.el7_2.6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"product_id": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-40.el7_2.6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64",
"product_id": "mod_session-0:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-40.el7_2.6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"product_id": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-40.el7_2.6?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"product_id": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-40.el7_2.6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"product_id": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-40.el7_2.6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"product_id": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-40.el7_2.6?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"product_id": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-40.el7_2.6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64",
"product_id": "httpd-0:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-40.el7_2.6?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"product_id": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-40.el7_2.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"product_id": "mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-40.el7_2.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"product_id": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-40.el7_2.6?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"product_id": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-40.el7_2.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"product_id": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-40.el7_2.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"product_id": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-40.el7_2.6?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"product_id": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-40.el7_2.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64le",
"product_id": "httpd-0:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-40.el7_2.6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.6-40.el7_2.6.src",
"product": {
"name": "httpd-0:2.4.6-40.el7_2.6.src",
"product_id": "httpd-0:2.4.6-40.el7_2.6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-40.el7_2.6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"product": {
"name": "httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"product_id": "httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.4.6-40.el7_2.6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.src as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.src",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-40.el7_2.6.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.src",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-40.el7_2.6.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.src as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.src",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-40.el7_2.6.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:35:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:35:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7668",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463205"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_find_token() buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7668"
},
{
"category": "external",
"summary": "RHBZ#1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:35:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_find_token() buffer overread"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:35:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"cve": "CVE-2017-9788",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2017-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1470748"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Uninitialized memory reflection in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "RHBZ#1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27"
}
],
"release_date": "2017-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:35:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"category": "workaround",
"details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Uninitialized memory reflection in mod_auth_digest"
},
{
"acknowledgments": [
{
"names": [
"Hanno B\u00f6ck"
]
}
],
"cve": "CVE-2017-9798",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1490344"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "RHBZ#1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798"
},
{
"category": "external",
"summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"
}
],
"release_date": "2017-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:35:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"category": "workaround",
"details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)"
}
]
}
RHSA-2017:3195
Vulnerability from csaf_redhat - Published: 2017-11-13 17:35 - Updated: 2025-11-21 18:02Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 6.7 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)
Red Hat would like to thank Hanno Böck for reporting CVE-2017-9798.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd is now available for Red Hat Enterprise Linux 6.7 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno B\u00f6ck for reporting CVE-2017-9798.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3195",
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3195.json"
}
],
"title": "Red Hat Security Advisory: httpd security update",
"tracking": {
"current_release_date": "2025-11-21T18:02:50+00:00",
"generator": {
"date": "2025-11-21T18:02:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2017:3195",
"initial_release_date": "2017-11-13T17:35:58+00:00",
"revision_history": [
{
"date": "2017-11-13T17:35:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-11-13T17:35:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:02:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:6.7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:6.7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product": {
"name": "Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:6.7::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.2.15-47.el6_7.5.x86_64",
"product": {
"name": "httpd-0:2.2.15-47.el6_7.5.x86_64",
"product_id": "httpd-0:2.2.15-47.el6_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-47.el6_7.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"product": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"product_id": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-47.el6_7.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"product": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"product_id": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-47.el6_7.5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"product": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"product_id": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7.5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.2.15-47.el6_7.5.src",
"product": {
"name": "httpd-0:2.2.15-47.el6_7.5.src",
"product_id": "httpd-0:2.2.15-47.el6_7.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-47.el6_7.5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"product": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-47.el6_7.5.i686",
"product": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.i686",
"product_id": "httpd-devel-0:2.2.15-47.el6_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-47.el6_7.5.i686",
"product": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.i686",
"product_id": "mod_ssl-1:2.2.15-47.el6_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-47.el6_7.5?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-47.el6_7.5.i686",
"product": {
"name": "httpd-0:2.2.15-47.el6_7.5.i686",
"product_id": "httpd-0:2.2.15-47.el6_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-47.el6_7.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-47.el6_7.5.i686",
"product": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.i686",
"product_id": "httpd-tools-0:2.2.15-47.el6_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-47.el6_7.5?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"product": {
"name": "httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"product_id": "httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.15-47.el6_7.5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"product": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"product_id": "mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-47.el6_7.5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"product": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-47.el6_7.5.s390x",
"product": {
"name": "httpd-0:2.2.15-47.el6_7.5.s390x",
"product_id": "httpd-0:2.2.15-47.el6_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-47.el6_7.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"product": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"product_id": "httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-47.el6_7.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"product": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"product_id": "httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7.5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"product": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7.5?arch=s390"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390",
"product": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390",
"product_id": "httpd-devel-0:2.2.15-47.el6_7.5.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7.5?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"product": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"product_id": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-47.el6_7.5?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"product": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-47.el6_7.5.ppc64",
"product": {
"name": "httpd-0:2.2.15-47.el6_7.5.ppc64",
"product_id": "httpd-0:2.2.15-47.el6_7.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-47.el6_7.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"product": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"product_id": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-47.el6_7.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"product": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"product_id": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7.5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"product": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7.5?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"product": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"product_id": "httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7.5?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.src as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.src",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.s390",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-47.el6_7.5.noarch as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.src as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.src",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.s390",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-47.el6_7.5.noarch as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.src as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.src",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.s390",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-47.el6_7.5.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6Server-6.7.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:35:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:35:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:35:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"cve": "CVE-2017-9788",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2017-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1470748"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Uninitialized memory reflection in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "RHBZ#1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27"
}
],
"release_date": "2017-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:35:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"category": "workaround",
"details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.",
"product_ids": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Uninitialized memory reflection in mod_auth_digest"
},
{
"acknowledgments": [
{
"names": [
"Hanno B\u00f6ck"
]
}
],
"cve": "CVE-2017-9798",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1490344"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "RHBZ#1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798"
},
{
"category": "external",
"summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"
}
],
"release_date": "2017-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:35:58+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"category": "workaround",
"details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18",
"product_ids": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)"
}
]
}
RHSA-2017_3194
Vulnerability from csaf_redhat - Published: 2017-11-13 17:36 - Updated: 2024-11-14 23:38Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 7.3 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)
Red Hat would like to thank Hanno Böck for reporting CVE-2017-9798.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd is now available for Red Hat Enterprise Linux 7.3 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno B\u00f6ck for reporting CVE-2017-9798.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3194",
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2017/rhsa-2017_3194.json"
}
],
"title": "Red Hat Security Advisory: httpd security update",
"tracking": {
"current_release_date": "2024-11-14T23:38:42+00:00",
"generator": {
"date": "2024-11-14T23:38:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2017:3194",
"initial_release_date": "2017-11-13T17:36:28+00:00",
"revision_history": [
{
"date": "2017-11-13T17:36:28+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-11-13T17:36:28+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T23:38:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.3::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product": {
"name": "Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.3::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.3::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"product_id": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-45.el7_3.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"product_id": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-45.el7_3.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"product_id": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-45.el7_3.5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "mod_session-0:2.4.6-45.el7_3.5.x86_64",
"product_id": "mod_session-0:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-45.el7_3.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"product_id": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-45.el7_3.5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"product_id": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-45.el7_3.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "httpd-0:2.4.6-45.el7_3.5.x86_64",
"product_id": "httpd-0:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-45.el7_3.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"product_id": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-45.el7_3.5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"product_id": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-45.el7_3.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"product_id": "mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-45.el7_3.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"product_id": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-45.el7_3.5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "mod_session-0:2.4.6-45.el7_3.5.s390x",
"product_id": "mod_session-0:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-45.el7_3.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"product_id": "mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-45.el7_3.5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"product_id": "httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-45.el7_3.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "httpd-0:2.4.6-45.el7_3.5.s390x",
"product_id": "httpd-0:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-45.el7_3.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"product_id": "httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-45.el7_3.5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"product_id": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-45.el7_3.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"product_id": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-45.el7_3.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"product_id": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-45.el7_3.5?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64",
"product_id": "mod_session-0:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-45.el7_3.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"product_id": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-45.el7_3.5?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"product_id": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-45.el7_3.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64",
"product_id": "httpd-0:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-45.el7_3.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"product_id": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-45.el7_3.5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"product_id": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-45.el7_3.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"product_id": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-45.el7_3.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"product_id": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-45.el7_3.5?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"product_id": "mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-45.el7_3.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"product_id": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-45.el7_3.5?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"product_id": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-45.el7_3.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64le",
"product_id": "httpd-0:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-45.el7_3.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"product_id": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-45.el7_3.5?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"product": {
"name": "httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"product_id": "httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.4.6-45.el7_3.5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.6-45.el7_3.5.src",
"product": {
"name": "httpd-0:2.4.6-45.el7_3.5.src",
"product_id": "httpd-0:2.4.6-45.el7_3.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-45.el7_3.5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.src as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.src",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-45.el7_3.5.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.src",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-45.el7_3.5.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.src as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.src",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-45.el7_3.5.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:36:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:36:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7668",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463205"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_find_token() buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7668"
},
{
"category": "external",
"summary": "RHBZ#1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:36:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_find_token() buffer overread"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:36:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"cve": "CVE-2017-9788",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2017-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1470748"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Uninitialized memory reflection in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "RHBZ#1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27"
}
],
"release_date": "2017-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:36:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"category": "workaround",
"details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Uninitialized memory reflection in mod_auth_digest"
},
{
"acknowledgments": [
{
"names": [
"Hanno B\u00f6ck"
]
}
],
"cve": "CVE-2017-9798",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1490344"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "RHBZ#1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798"
},
{
"category": "external",
"summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"
}
],
"release_date": "2017-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2017-11-13T17:36:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"category": "workaround",
"details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)"
}
]
}
SUSE-SU-2017:2756-1
Vulnerability from csaf_suse - Published: 2017-10-18 11:46 - Updated: 2017-10-18 11:46Summary
Security update for apache2
Notes
Title of the patch
Security update for apache2
Description of the patch
This update for apache2 fixes several issues.
These security issues were fixed:
- CVE-2017-9798: Prevent use-after-free use of memory that allowed for an
information leak via OPTIONS (bsc#1058058)
- CVE-2017-9788: Uninitialized memory reflection in mod_auth_digest could have
lead to leakage of potentially confidential information, and a segfault in
other cases resulting in DoS (bsc#1048576).
- CVE-2017-7679: mod_mime could have read one byte past the end of a buffer
when sending a malicious Content-Type response header (bsc#1045060).
- CVE-2017-3169: mod_ssl may dereferenced a NULL pointer when third-party
modules call ap_hook_process_connection() during an HTTP request to an HTTPS
port allowing for DoS (bsc#1045062).
- CVE-2017-3167: Use of the ap_get_basic_auth_pw() by third-party modules
outside of the authentication phase may have lead to authentication
requirements being bypassed (bsc#1045065).
These non-security issues were fixed:
- remove /usr/bin/http2 symlink only during apache2 package
uninstall, not upgrade (bsc#1041830)
- gensslcert: use hostname when fqdn is too long (bsc#1035829)
- add NotifyAccess=all to service file (bsc#980663)
Patchnames
SUSE-SLE-SERVER-12-2017-1709
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for apache2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for apache2 fixes several issues.\n\nThese security issues were fixed:\n \n- CVE-2017-9798: Prevent use-after-free use of memory that allowed for an\n information leak via OPTIONS (bsc#1058058)\n- CVE-2017-9788: Uninitialized memory reflection in mod_auth_digest could have\n lead to leakage of potentially confidential information, and a segfault in\n other cases resulting in DoS (bsc#1048576).\n- CVE-2017-7679: mod_mime could have read one byte past the end of a buffer\n when sending a malicious Content-Type response header (bsc#1045060).\n- CVE-2017-3169: mod_ssl may dereferenced a NULL pointer when third-party\n modules call ap_hook_process_connection() during an HTTP request to an HTTPS\n port allowing for DoS (bsc#1045062).\n- CVE-2017-3167: Use of the ap_get_basic_auth_pw() by third-party modules\n outside of the authentication phase may have lead to authentication\n requirements being bypassed (bsc#1045065).\n\nThese non-security issues were fixed:\n\n- remove /usr/bin/http2 symlink only during apache2 package \n uninstall, not upgrade (bsc#1041830)\n- gensslcert: use hostname when fqdn is too long (bsc#1035829)\n- add NotifyAccess=all to service file (bsc#980663)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-SERVER-12-2017-1709",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2756-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:2756-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172756-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:2756-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-October/003305.html"
},
{
"category": "self",
"summary": "SUSE Bug 1035829",
"url": "https://bugzilla.suse.com/1035829"
},
{
"category": "self",
"summary": "SUSE Bug 1041830",
"url": "https://bugzilla.suse.com/1041830"
},
{
"category": "self",
"summary": "SUSE Bug 1045060",
"url": "https://bugzilla.suse.com/1045060"
},
{
"category": "self",
"summary": "SUSE Bug 1045062",
"url": "https://bugzilla.suse.com/1045062"
},
{
"category": "self",
"summary": "SUSE Bug 1045065",
"url": "https://bugzilla.suse.com/1045065"
},
{
"category": "self",
"summary": "SUSE Bug 1048576",
"url": "https://bugzilla.suse.com/1048576"
},
{
"category": "self",
"summary": "SUSE Bug 1058058",
"url": "https://bugzilla.suse.com/1058058"
},
{
"category": "self",
"summary": "SUSE Bug 980663",
"url": "https://bugzilla.suse.com/980663"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3167 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3169 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7679 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-9788 page",
"url": "https://www.suse.com/security/cve/CVE-2017-9788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-9798 page",
"url": "https://www.suse.com/security/cve/CVE-2017-9798/"
}
],
"title": "Security update for apache2",
"tracking": {
"current_release_date": "2017-10-18T11:46:36Z",
"generator": {
"date": "2017-10-18T11:46:36Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:2756-1",
"initial_release_date": "2017-10-18T11:46:36Z",
"revision_history": [
{
"date": "2017-10-18T11:46:36Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "apache2-doc-2.4.10-14.28.1.noarch",
"product": {
"name": "apache2-doc-2.4.10-14.28.1.noarch",
"product_id": "apache2-doc-2.4.10-14.28.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.10-14.28.1.ppc64le",
"product": {
"name": "apache2-2.4.10-14.28.1.ppc64le",
"product_id": "apache2-2.4.10-14.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.10-14.28.1.ppc64le",
"product": {
"name": "apache2-example-pages-2.4.10-14.28.1.ppc64le",
"product_id": "apache2-example-pages-2.4.10-14.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.10-14.28.1.ppc64le",
"product": {
"name": "apache2-prefork-2.4.10-14.28.1.ppc64le",
"product_id": "apache2-prefork-2.4.10-14.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.10-14.28.1.ppc64le",
"product": {
"name": "apache2-utils-2.4.10-14.28.1.ppc64le",
"product_id": "apache2-utils-2.4.10-14.28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.10-14.28.1.ppc64le",
"product": {
"name": "apache2-worker-2.4.10-14.28.1.ppc64le",
"product_id": "apache2-worker-2.4.10-14.28.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.10-14.28.1.s390x",
"product": {
"name": "apache2-2.4.10-14.28.1.s390x",
"product_id": "apache2-2.4.10-14.28.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.10-14.28.1.s390x",
"product": {
"name": "apache2-example-pages-2.4.10-14.28.1.s390x",
"product_id": "apache2-example-pages-2.4.10-14.28.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.10-14.28.1.s390x",
"product": {
"name": "apache2-prefork-2.4.10-14.28.1.s390x",
"product_id": "apache2-prefork-2.4.10-14.28.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.10-14.28.1.s390x",
"product": {
"name": "apache2-utils-2.4.10-14.28.1.s390x",
"product_id": "apache2-utils-2.4.10-14.28.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.10-14.28.1.s390x",
"product": {
"name": "apache2-worker-2.4.10-14.28.1.s390x",
"product_id": "apache2-worker-2.4.10-14.28.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.10-14.28.1.x86_64",
"product": {
"name": "apache2-2.4.10-14.28.1.x86_64",
"product_id": "apache2-2.4.10-14.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.10-14.28.1.x86_64",
"product": {
"name": "apache2-example-pages-2.4.10-14.28.1.x86_64",
"product_id": "apache2-example-pages-2.4.10-14.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.10-14.28.1.x86_64",
"product": {
"name": "apache2-prefork-2.4.10-14.28.1.x86_64",
"product_id": "apache2-prefork-2.4.10-14.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.10-14.28.1.x86_64",
"product": {
"name": "apache2-utils-2.4.10-14.28.1.x86_64",
"product_id": "apache2-utils-2.4.10-14.28.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.10-14.28.1.x86_64",
"product": {
"name": "apache2-worker-2.4.10-14.28.1.x86_64",
"product_id": "apache2-worker-2.4.10-14.28.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.10-14.28.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.ppc64le"
},
"product_reference": "apache2-2.4.10-14.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.10-14.28.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.s390x"
},
"product_reference": "apache2-2.4.10-14.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.10-14.28.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.x86_64"
},
"product_reference": "apache2-2.4.10-14.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.10-14.28.1.noarch as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:apache2-doc-2.4.10-14.28.1.noarch"
},
"product_reference": "apache2-doc-2.4.10-14.28.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.10-14.28.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.ppc64le"
},
"product_reference": "apache2-example-pages-2.4.10-14.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.10-14.28.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.s390x"
},
"product_reference": "apache2-example-pages-2.4.10-14.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.10-14.28.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.10-14.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.10-14.28.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.ppc64le"
},
"product_reference": "apache2-prefork-2.4.10-14.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.10-14.28.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.s390x"
},
"product_reference": "apache2-prefork-2.4.10-14.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.10-14.28.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.10-14.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.10-14.28.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.ppc64le"
},
"product_reference": "apache2-utils-2.4.10-14.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.10-14.28.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.s390x"
},
"product_reference": "apache2-utils-2.4.10-14.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.10-14.28.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.x86_64"
},
"product_reference": "apache2-utils-2.4.10-14.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.10-14.28.1.ppc64le as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.ppc64le"
},
"product_reference": "apache2-worker-2.4.10-14.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.10-14.28.1.s390x as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.s390x"
},
"product_reference": "apache2-worker-2.4.10-14.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.10-14.28.1.x86_64 as component of SUSE Linux Enterprise Server 12-LTSS",
"product_id": "SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.x86_64"
},
"product_reference": "apache2-worker-2.4.10-14.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3167"
}
],
"notes": [
{
"category": "general",
"text": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-doc-2.4.10-14.28.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3167",
"url": "https://www.suse.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "SUSE Bug 1045065 for CVE-2017-3167",
"url": "https://bugzilla.suse.com/1045065"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2017-3167",
"url": "https://bugzilla.suse.com/1078450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-doc-2.4.10-14.28.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-doc-2.4.10-14.28.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-18T11:46:36Z",
"details": "important"
}
],
"title": "CVE-2017-3167"
},
{
"cve": "CVE-2017-3169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3169"
}
],
"notes": [
{
"category": "general",
"text": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-doc-2.4.10-14.28.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3169",
"url": "https://www.suse.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "SUSE Bug 1045062 for CVE-2017-3169",
"url": "https://bugzilla.suse.com/1045062"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2017-3169",
"url": "https://bugzilla.suse.com/1078450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-doc-2.4.10-14.28.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-doc-2.4.10-14.28.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-18T11:46:36Z",
"details": "moderate"
}
],
"title": "CVE-2017-3169"
},
{
"cve": "CVE-2017-7679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7679"
}
],
"notes": [
{
"category": "general",
"text": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-doc-2.4.10-14.28.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7679",
"url": "https://www.suse.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "SUSE Bug 1045060 for CVE-2017-7679",
"url": "https://bugzilla.suse.com/1045060"
},
{
"category": "external",
"summary": "SUSE Bug 1057861 for CVE-2017-7679",
"url": "https://bugzilla.suse.com/1057861"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2017-7679",
"url": "https://bugzilla.suse.com/1078450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-doc-2.4.10-14.28.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-doc-2.4.10-14.28.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-18T11:46:36Z",
"details": "moderate"
}
],
"title": "CVE-2017-7679"
},
{
"cve": "CVE-2017-9788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-9788"
}
],
"notes": [
{
"category": "general",
"text": "In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type \u0027Digest\u0027 was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no \u0027=\u0027 assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-doc-2.4.10-14.28.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-9788",
"url": "https://www.suse.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "SUSE Bug 1048576 for CVE-2017-9788",
"url": "https://bugzilla.suse.com/1048576"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-doc-2.4.10-14.28.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-doc-2.4.10-14.28.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-18T11:46:36Z",
"details": "moderate"
}
],
"title": "CVE-2017-9788"
},
{
"cve": "CVE-2017-9798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-9798"
}
],
"notes": [
{
"category": "general",
"text": "Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user\u0027s .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-doc-2.4.10-14.28.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-9798",
"url": "https://www.suse.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "SUSE Bug 1058058 for CVE-2017-9798",
"url": "https://bugzilla.suse.com/1058058"
},
{
"category": "external",
"summary": "SUSE Bug 1060757 for CVE-2017-9798",
"url": "https://bugzilla.suse.com/1060757"
},
{
"category": "external",
"summary": "SUSE Bug 1077582 for CVE-2017-9798",
"url": "https://bugzilla.suse.com/1077582"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2017-9798",
"url": "https://bugzilla.suse.com/1078450"
},
{
"category": "external",
"summary": "SUSE Bug 1089997 for CVE-2017-9798",
"url": "https://bugzilla.suse.com/1089997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-doc-2.4.10-14.28.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-doc-2.4.10-14.28.1.noarch",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-example-pages-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-prefork-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-utils-2.4.10-14.28.1.x86_64",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.ppc64le",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.s390x",
"SUSE Linux Enterprise Server 12-LTSS:apache2-worker-2.4.10-14.28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-18T11:46:36Z",
"details": "moderate"
}
],
"title": "CVE-2017-9798"
}
]
}
SUSE-SU-2017:2907-1
Vulnerability from csaf_suse - Published: 2017-10-30 14:55 - Updated: 2017-10-30 14:55Summary
Security update for apache2
Notes
Title of the patch
Security update for apache2
Description of the patch
This update for apache2 fixes the following issues:
- Allow disabling SNI on proxy connections using 'SetEnv proxy-disable-sni 1' in the configuration files. (bsc#1052830)
- Allow ECDH again in mod_ssl, it had been incorrectly disabled with the 2.2.34 update. (bsc#1064561)
Following security issue has been fixed:
- CVE-2017-9798: A use-after-free in the OPTIONS command could be used by attackers to disclose memory of the apache server process, when htaccess uses incorrect Limit statement. (bsc#1058058)
Additionally, references to the following security issues, fixed by the previous version-update of apache2
to Apache HTTPD 2.2.34 have been added:
- CVE-2017-7668: The HTTP strict parsing introduced a bug in token list parsing, which allowed ap_find_token() to
search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may
have be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value. (bsc#1045061)
- CVE-2017-3169: mod_ssl may have de-referenced a NULL pointer when third-party modules call
ap_hook_process_connection() during an HTTP request to an HTTPS port allowing for DoS. (bsc#1045062)
- CVE-2017-3167: Use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may have
lead to authentication requirements being bypassed. (bsc#1045065)
- CVE-2017-7679: mod_mime could have read one byte past the end of a buffer when sending a malicious Content-Type
response header. (bsc#1045060)
Patchnames
sdksp4-apache2-13331,sleposp3-apache2-13331,slessp3-apache2-13331,slessp4-apache2-13331,slestso13-apache2-13331
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for apache2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for apache2 fixes the following issues:\n\n- Allow disabling SNI on proxy connections using \u0027SetEnv proxy-disable-sni 1\u0027 in the configuration files. (bsc#1052830)\n- Allow ECDH again in mod_ssl, it had been incorrectly disabled with the 2.2.34 update. (bsc#1064561)\n\nFollowing security issue has been fixed:\n\n- CVE-2017-9798: A use-after-free in the OPTIONS command could be used by attackers to disclose memory of the apache server process, when htaccess uses incorrect Limit statement. (bsc#1058058)\n\nAdditionally, references to the following security issues, fixed by the previous version-update of apache2\nto Apache HTTPD 2.2.34 have been added:\n\n- CVE-2017-7668: The HTTP strict parsing introduced a bug in token list parsing, which allowed ap_find_token() to\n search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may\n have be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value. (bsc#1045061)\n- CVE-2017-3169: mod_ssl may have de-referenced a NULL pointer when third-party modules call \n ap_hook_process_connection() during an HTTP request to an HTTPS port allowing for DoS. (bsc#1045062)\n- CVE-2017-3167: Use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may have\n lead to authentication requirements being bypassed. (bsc#1045065)\n- CVE-2017-7679: mod_mime could have read one byte past the end of a buffer when sending a malicious Content-Type\n response header. (bsc#1045060)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "sdksp4-apache2-13331,sleposp3-apache2-13331,slessp3-apache2-13331,slessp4-apache2-13331,slestso13-apache2-13331",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2907-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:2907-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172907-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:2907-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-October/003365.html"
},
{
"category": "self",
"summary": "SUSE Bug 1045060",
"url": "https://bugzilla.suse.com/1045060"
},
{
"category": "self",
"summary": "SUSE Bug 1045061",
"url": "https://bugzilla.suse.com/1045061"
},
{
"category": "self",
"summary": "SUSE Bug 1045062",
"url": "https://bugzilla.suse.com/1045062"
},
{
"category": "self",
"summary": "SUSE Bug 1045065",
"url": "https://bugzilla.suse.com/1045065"
},
{
"category": "self",
"summary": "SUSE Bug 1052830",
"url": "https://bugzilla.suse.com/1052830"
},
{
"category": "self",
"summary": "SUSE Bug 1058058",
"url": "https://bugzilla.suse.com/1058058"
},
{
"category": "self",
"summary": "SUSE Bug 1064561",
"url": "https://bugzilla.suse.com/1064561"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2009-2699 page",
"url": "https://www.suse.com/security/cve/CVE-2009-2699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2010-0425 page",
"url": "https://www.suse.com/security/cve/CVE-2010-0425/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2012-0021 page",
"url": "https://www.suse.com/security/cve/CVE-2012-0021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2014-0118 page",
"url": "https://www.suse.com/security/cve/CVE-2014-0118/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3167 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3169 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7668 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7668/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7679 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-9798 page",
"url": "https://www.suse.com/security/cve/CVE-2017-9798/"
}
],
"title": "Security update for apache2",
"tracking": {
"current_release_date": "2017-10-30T14:55:59Z",
"generator": {
"date": "2017-10-30T14:55:59Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:2907-1",
"initial_release_date": "2017-10-30T14:55:59Z",
"revision_history": [
{
"date": "2017-10-30T14:55:59Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.2.34-70.12.1.i586",
"product": {
"name": "apache2-2.2.34-70.12.1.i586",
"product_id": "apache2-2.2.34-70.12.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.2.34-70.12.1.i586",
"product": {
"name": "apache2-devel-2.2.34-70.12.1.i586",
"product_id": "apache2-devel-2.2.34-70.12.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-doc-2.2.34-70.12.1.i586",
"product": {
"name": "apache2-doc-2.2.34-70.12.1.i586",
"product_id": "apache2-doc-2.2.34-70.12.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.2.34-70.12.1.i586",
"product": {
"name": "apache2-example-pages-2.2.34-70.12.1.i586",
"product_id": "apache2-example-pages-2.2.34-70.12.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.2.34-70.12.1.i586",
"product": {
"name": "apache2-prefork-2.2.34-70.12.1.i586",
"product_id": "apache2-prefork-2.2.34-70.12.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.2.34-70.12.1.i586",
"product": {
"name": "apache2-utils-2.2.34-70.12.1.i586",
"product_id": "apache2-utils-2.2.34-70.12.1.i586"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.2.34-70.12.1.i586",
"product": {
"name": "apache2-worker-2.2.34-70.12.1.i586",
"product_id": "apache2-worker-2.2.34-70.12.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-devel-2.2.34-70.12.1.ia64",
"product": {
"name": "apache2-devel-2.2.34-70.12.1.ia64",
"product_id": "apache2-devel-2.2.34-70.12.1.ia64"
}
},
{
"category": "product_version",
"name": "apache2-2.2.34-70.12.1.ia64",
"product": {
"name": "apache2-2.2.34-70.12.1.ia64",
"product_id": "apache2-2.2.34-70.12.1.ia64"
}
},
{
"category": "product_version",
"name": "apache2-doc-2.2.34-70.12.1.ia64",
"product": {
"name": "apache2-doc-2.2.34-70.12.1.ia64",
"product_id": "apache2-doc-2.2.34-70.12.1.ia64"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.2.34-70.12.1.ia64",
"product": {
"name": "apache2-example-pages-2.2.34-70.12.1.ia64",
"product_id": "apache2-example-pages-2.2.34-70.12.1.ia64"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.2.34-70.12.1.ia64",
"product": {
"name": "apache2-prefork-2.2.34-70.12.1.ia64",
"product_id": "apache2-prefork-2.2.34-70.12.1.ia64"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.2.34-70.12.1.ia64",
"product": {
"name": "apache2-utils-2.2.34-70.12.1.ia64",
"product_id": "apache2-utils-2.2.34-70.12.1.ia64"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.2.34-70.12.1.ia64",
"product": {
"name": "apache2-worker-2.2.34-70.12.1.ia64",
"product_id": "apache2-worker-2.2.34-70.12.1.ia64"
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-devel-2.2.34-70.12.1.ppc64",
"product": {
"name": "apache2-devel-2.2.34-70.12.1.ppc64",
"product_id": "apache2-devel-2.2.34-70.12.1.ppc64"
}
},
{
"category": "product_version",
"name": "apache2-2.2.34-70.12.1.ppc64",
"product": {
"name": "apache2-2.2.34-70.12.1.ppc64",
"product_id": "apache2-2.2.34-70.12.1.ppc64"
}
},
{
"category": "product_version",
"name": "apache2-doc-2.2.34-70.12.1.ppc64",
"product": {
"name": "apache2-doc-2.2.34-70.12.1.ppc64",
"product_id": "apache2-doc-2.2.34-70.12.1.ppc64"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.2.34-70.12.1.ppc64",
"product": {
"name": "apache2-example-pages-2.2.34-70.12.1.ppc64",
"product_id": "apache2-example-pages-2.2.34-70.12.1.ppc64"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.2.34-70.12.1.ppc64",
"product": {
"name": "apache2-prefork-2.2.34-70.12.1.ppc64",
"product_id": "apache2-prefork-2.2.34-70.12.1.ppc64"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.2.34-70.12.1.ppc64",
"product": {
"name": "apache2-utils-2.2.34-70.12.1.ppc64",
"product_id": "apache2-utils-2.2.34-70.12.1.ppc64"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.2.34-70.12.1.ppc64",
"product": {
"name": "apache2-worker-2.2.34-70.12.1.ppc64",
"product_id": "apache2-worker-2.2.34-70.12.1.ppc64"
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-devel-2.2.34-70.12.1.s390x",
"product": {
"name": "apache2-devel-2.2.34-70.12.1.s390x",
"product_id": "apache2-devel-2.2.34-70.12.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-2.2.34-70.12.1.s390x",
"product": {
"name": "apache2-2.2.34-70.12.1.s390x",
"product_id": "apache2-2.2.34-70.12.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-doc-2.2.34-70.12.1.s390x",
"product": {
"name": "apache2-doc-2.2.34-70.12.1.s390x",
"product_id": "apache2-doc-2.2.34-70.12.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.2.34-70.12.1.s390x",
"product": {
"name": "apache2-example-pages-2.2.34-70.12.1.s390x",
"product_id": "apache2-example-pages-2.2.34-70.12.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.2.34-70.12.1.s390x",
"product": {
"name": "apache2-prefork-2.2.34-70.12.1.s390x",
"product_id": "apache2-prefork-2.2.34-70.12.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.2.34-70.12.1.s390x",
"product": {
"name": "apache2-utils-2.2.34-70.12.1.s390x",
"product_id": "apache2-utils-2.2.34-70.12.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.2.34-70.12.1.s390x",
"product": {
"name": "apache2-worker-2.2.34-70.12.1.s390x",
"product_id": "apache2-worker-2.2.34-70.12.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.2.34-70.12.1.x86_64",
"product": {
"name": "apache2-2.2.34-70.12.1.x86_64",
"product_id": "apache2-2.2.34-70.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.2.34-70.12.1.x86_64",
"product": {
"name": "apache2-devel-2.2.34-70.12.1.x86_64",
"product_id": "apache2-devel-2.2.34-70.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-doc-2.2.34-70.12.1.x86_64",
"product": {
"name": "apache2-doc-2.2.34-70.12.1.x86_64",
"product_id": "apache2-doc-2.2.34-70.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.2.34-70.12.1.x86_64",
"product": {
"name": "apache2-example-pages-2.2.34-70.12.1.x86_64",
"product_id": "apache2-example-pages-2.2.34-70.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.2.34-70.12.1.x86_64",
"product": {
"name": "apache2-prefork-2.2.34-70.12.1.x86_64",
"product_id": "apache2-prefork-2.2.34-70.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.2.34-70.12.1.x86_64",
"product": {
"name": "apache2-utils-2.2.34-70.12.1.x86_64",
"product_id": "apache2-utils-2.2.34-70.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.2.34-70.12.1.x86_64",
"product": {
"name": "apache2-worker-2.2.34-70.12.1.x86_64",
"product_id": "apache2-worker-2.2.34-70.12.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/a:suse:sle-sdk:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product": {
"name": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-pos:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles_ltss:11:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:11:sp3:teradata"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:11:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Studio Onsite 1.3",
"product": {
"name": "SUSE Studio Onsite 1.3",
"product_id": "SUSE Studio Onsite 1.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-studioonsite:1.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-devel-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.2.34-70.12.1.ia64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64"
},
"product_reference": "apache2-devel-2.2.34-70.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.2.34-70.12.1.ppc64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64"
},
"product_reference": "apache2-devel-2.2.34-70.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-devel-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-devel-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-doc-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-doc-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-example-pages-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-example-pages-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-prefork-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-prefork-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-utils-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-utils-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-worker-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 11 SP4",
"product_id": "SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-worker-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-devel-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-doc-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-example-pages-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-prefork-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-utils-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3",
"product_id": "SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-worker-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Point of Sale 11 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-devel-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-devel-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-devel-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-doc-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-doc-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-doc-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-example-pages-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-example-pages-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-example-pages-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-prefork-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-prefork-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-prefork-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-utils-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-utils-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-utils-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-worker-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-worker-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-worker-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-devel-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-devel-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-devel-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-doc-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-doc-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-doc-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-example-pages-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-example-pages-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-example-pages-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-prefork-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-prefork-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-prefork-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-utils-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-utils-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-utils-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-worker-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-worker-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP3-TERADATA",
"product_id": "SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-worker-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP3-TERADATA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.2.34-70.12.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64"
},
"product_reference": "apache2-2.2.34-70.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.2.34-70.12.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64"
},
"product_reference": "apache2-2.2.34-70.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-doc-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.2.34-70.12.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64"
},
"product_reference": "apache2-doc-2.2.34-70.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.2.34-70.12.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64"
},
"product_reference": "apache2-doc-2.2.34-70.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-doc-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-doc-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-example-pages-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.2.34-70.12.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64"
},
"product_reference": "apache2-example-pages-2.2.34-70.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.2.34-70.12.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64"
},
"product_reference": "apache2-example-pages-2.2.34-70.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-example-pages-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-example-pages-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-prefork-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.2.34-70.12.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64"
},
"product_reference": "apache2-prefork-2.2.34-70.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.2.34-70.12.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64"
},
"product_reference": "apache2-prefork-2.2.34-70.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-prefork-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-prefork-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-utils-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.2.34-70.12.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64"
},
"product_reference": "apache2-utils-2.2.34-70.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.2.34-70.12.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64"
},
"product_reference": "apache2-utils-2.2.34-70.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-utils-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-utils-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-worker-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.2.34-70.12.1.ia64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64"
},
"product_reference": "apache2-worker-2.2.34-70.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.2.34-70.12.1.ppc64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64"
},
"product_reference": "apache2-worker-2.2.34-70.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-worker-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4",
"product_id": "SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-worker-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.2.34-70.12.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64"
},
"product_reference": "apache2-2.2.34-70.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.2.34-70.12.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64"
},
"product_reference": "apache2-2.2.34-70.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-doc-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.2.34-70.12.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64"
},
"product_reference": "apache2-doc-2.2.34-70.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.2.34-70.12.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64"
},
"product_reference": "apache2-doc-2.2.34-70.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-doc-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-doc-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-example-pages-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.2.34-70.12.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64"
},
"product_reference": "apache2-example-pages-2.2.34-70.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.2.34-70.12.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64"
},
"product_reference": "apache2-example-pages-2.2.34-70.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-example-pages-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-example-pages-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-prefork-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.2.34-70.12.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64"
},
"product_reference": "apache2-prefork-2.2.34-70.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.2.34-70.12.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64"
},
"product_reference": "apache2-prefork-2.2.34-70.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-prefork-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-prefork-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-utils-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.2.34-70.12.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64"
},
"product_reference": "apache2-utils-2.2.34-70.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.2.34-70.12.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64"
},
"product_reference": "apache2-utils-2.2.34-70.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-utils-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-utils-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.2.34-70.12.1.i586 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586"
},
"product_reference": "apache2-worker-2.2.34-70.12.1.i586",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.2.34-70.12.1.ia64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64"
},
"product_reference": "apache2-worker-2.2.34-70.12.1.ia64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.2.34-70.12.1.ppc64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64"
},
"product_reference": "apache2-worker-2.2.34-70.12.1.ppc64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.2.34-70.12.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x"
},
"product_reference": "apache2-worker-2.2.34-70.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.2.34-70.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 11 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-worker-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 11 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.2.34-70.12.1.x86_64 as component of SUSE Studio Onsite 1.3",
"product_id": "SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
},
"product_reference": "apache2-devel-2.2.34-70.12.1.x86_64",
"relates_to_product_reference": "SUSE Studio Onsite 1.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-2699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2009-2699"
}
],
"notes": [
{
"category": "general",
"text": "The Solaris pollset feature in the Event Port backend in poll/unix/port.c in the Apache Portable Runtime (APR) library before 1.3.9, as used in the Apache HTTP Server before 2.2.14 and other products, does not properly handle errors, which allows remote attackers to cause a denial of service (daemon hang) via unspecified HTTP requests, related to the prefork and event MPMs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2009-2699",
"url": "https://www.suse.com/security/cve/CVE-2009-2699"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2009-2699",
"url": "https://bugzilla.suse.com/1078450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-30T14:55:59Z",
"details": "important"
}
],
"title": "CVE-2009-2699"
},
{
"cve": "CVE-2010-0425",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2010-0425"
}
],
"notes": [
{
"category": "general",
"text": "modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapi_unload for an ISAPI .dll module, which allows remote attackers to execute arbitrary code via unspecified vectors related to a crafted request, a reset packet, and \"orphaned callback pointers.\"",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2010-0425",
"url": "https://www.suse.com/security/cve/CVE-2010-0425"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2010-0425",
"url": "https://bugzilla.suse.com/1078450"
},
{
"category": "external",
"summary": "SUSE Bug 586572 for CVE-2010-0425",
"url": "https://bugzilla.suse.com/586572"
},
{
"category": "external",
"summary": "SUSE Bug 601151 for CVE-2010-0425",
"url": "https://bugzilla.suse.com/601151"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-30T14:55:59Z",
"details": "critical"
}
],
"title": "CVE-2010-0425"
},
{
"cve": "CVE-2012-0021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2012-0021"
}
],
"notes": [
{
"category": "general",
"text": "The log_cookie function in mod_log_config.c in the mod_log_config module in the Apache HTTP Server 2.2.17 through 2.2.21, when a threaded MPM is used, does not properly handle a %{}C format string, which allows remote attackers to cause a denial of service (daemon crash) via a cookie that lacks both a name and a value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2012-0021",
"url": "https://www.suse.com/security/cve/CVE-2012-0021"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2012-0021",
"url": "https://bugzilla.suse.com/1078450"
},
{
"category": "external",
"summary": "SUSE Bug 743744 for CVE-2012-0021",
"url": "https://bugzilla.suse.com/743744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-30T14:55:59Z",
"details": "moderate"
}
],
"title": "CVE-2012-0021"
},
{
"cve": "CVE-2014-0118",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2014-0118"
}
],
"notes": [
{
"category": "general",
"text": "The deflate_in_filter function in mod_deflate.c in the mod_deflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service (resource consumption) via crafted request data that decompresses to a much larger size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2014-0118",
"url": "https://www.suse.com/security/cve/CVE-2014-0118"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2014-0118",
"url": "https://bugzilla.suse.com/1078450"
},
{
"category": "external",
"summary": "SUSE Bug 887769 for CVE-2014-0118",
"url": "https://bugzilla.suse.com/887769"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-30T14:55:59Z",
"details": "moderate"
}
],
"title": "CVE-2014-0118"
},
{
"cve": "CVE-2017-3167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3167"
}
],
"notes": [
{
"category": "general",
"text": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3167",
"url": "https://www.suse.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "SUSE Bug 1045065 for CVE-2017-3167",
"url": "https://bugzilla.suse.com/1045065"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2017-3167",
"url": "https://bugzilla.suse.com/1078450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-30T14:55:59Z",
"details": "important"
}
],
"title": "CVE-2017-3167"
},
{
"cve": "CVE-2017-3169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3169"
}
],
"notes": [
{
"category": "general",
"text": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3169",
"url": "https://www.suse.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "SUSE Bug 1045062 for CVE-2017-3169",
"url": "https://bugzilla.suse.com/1045062"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2017-3169",
"url": "https://bugzilla.suse.com/1078450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-30T14:55:59Z",
"details": "moderate"
}
],
"title": "CVE-2017-3169"
},
{
"cve": "CVE-2017-7668",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7668"
}
],
"notes": [
{
"category": "general",
"text": "The HTTP strict parsing changes added in Apache httpd 2.2.32 and 2.4.24 introduced a bug in token list parsing, which allows ap_find_token() to search past the end of its input string. By maliciously crafting a sequence of request headers, an attacker may be able to cause a segmentation fault, or to force ap_find_token() to return an incorrect value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7668",
"url": "https://www.suse.com/security/cve/CVE-2017-7668"
},
{
"category": "external",
"summary": "SUSE Bug 1045061 for CVE-2017-7668",
"url": "https://bugzilla.suse.com/1045061"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2017-7668",
"url": "https://bugzilla.suse.com/1078450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-30T14:55:59Z",
"details": "critical"
}
],
"title": "CVE-2017-7668"
},
{
"cve": "CVE-2017-7679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7679"
}
],
"notes": [
{
"category": "general",
"text": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7679",
"url": "https://www.suse.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "SUSE Bug 1045060 for CVE-2017-7679",
"url": "https://bugzilla.suse.com/1045060"
},
{
"category": "external",
"summary": "SUSE Bug 1057861 for CVE-2017-7679",
"url": "https://bugzilla.suse.com/1057861"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2017-7679",
"url": "https://bugzilla.suse.com/1078450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-30T14:55:59Z",
"details": "moderate"
}
],
"title": "CVE-2017-7679"
},
{
"cve": "CVE-2017-9798",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-9798"
}
],
"notes": [
{
"category": "general",
"text": "Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user\u0027s .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker sends an unauthenticated OPTIONS HTTP request when attempting to read secret data. This is a use-after-free issue and thus secret data is not always sent, and the specific data depends on many factors including configuration. Exploitation with .htaccess can be blocked with a patch to the ap_limit_section function in server/core.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-9798",
"url": "https://www.suse.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "SUSE Bug 1058058 for CVE-2017-9798",
"url": "https://bugzilla.suse.com/1058058"
},
{
"category": "external",
"summary": "SUSE Bug 1060757 for CVE-2017-9798",
"url": "https://bugzilla.suse.com/1060757"
},
{
"category": "external",
"summary": "SUSE Bug 1077582 for CVE-2017-9798",
"url": "https://bugzilla.suse.com/1077582"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2017-9798",
"url": "https://bugzilla.suse.com/1078450"
},
{
"category": "external",
"summary": "SUSE Bug 1089997 for CVE-2017-9798",
"url": "https://bugzilla.suse.com/1089997"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Point of Sale 11 SP3:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-LTSS:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ia64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.ppc64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.s390x",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-devel-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-doc-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-example-pages-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-prefork-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-utils-2.2.34-70.12.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.i586",
"SUSE Linux Enterprise Software Development Kit 11 SP4:apache2-worker-2.2.34-70.12.1.x86_64",
"SUSE Studio Onsite 1.3:apache2-devel-2.2.34-70.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-10-30T14:55:59Z",
"details": "moderate"
}
],
"title": "CVE-2017-9798"
}
]
}
SUSE-SU-2017:1714-1
Vulnerability from csaf_suse - Published: 2017-06-28 19:14 - Updated: 2017-06-28 19:14Summary
Security update for apache2
Notes
Title of the patch
Security update for apache2
Description of the patch
This update for apache2 provides the following fixes:
Security issues fixed:
- CVE-2017-3167: In Apache use of httpd ap_get_basic_auth_pw() outside
of the authentication phase could lead to authentication requirements
bypass (bsc#1045065)
- CVE-2017-3169: In mod_ssl may have a dereference NULL pointer issue
which could lead to denial of service (bsc#1045062)
- CVE-2017-7679: In mod_mime can buffer over-read by 1 byte, potentially
leading to a crash or information disclosure (bsc#1045060)
Non-Security issues fixed:
- Remove /usr/bin/http2 symlink only during apache2 package uninstall, not upgrade. (bsc#1041830)
- In gensslcert, use hostname when fqdn is too long. (bsc#1035829)
Patchnames
SUSE-SLE-RPI-12-SP2-2017-1062,SUSE-SLE-SDK-12-SP2-2017-1062,SUSE-SLE-SERVER-12-SP2-2017-1062
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for apache2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for apache2 provides the following fixes:\n\nSecurity issues fixed:\n\n- CVE-2017-3167: In Apache use of httpd ap_get_basic_auth_pw() outside\n of the authentication phase could lead to authentication requirements\n bypass (bsc#1045065)\n- CVE-2017-3169: In mod_ssl may have a dereference NULL pointer issue\n which could lead to denial of service (bsc#1045062)\n- CVE-2017-7679: In mod_mime can buffer over-read by 1 byte, potentially\n leading to a crash or information disclosure (bsc#1045060)\n\nNon-Security issues fixed:\n\n- Remove /usr/bin/http2 symlink only during apache2 package uninstall, not upgrade. (bsc#1041830)\n- In gensslcert, use hostname when fqdn is too long. (bsc#1035829)\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-RPI-12-SP2-2017-1062,SUSE-SLE-SDK-12-SP2-2017-1062,SUSE-SLE-SERVER-12-SP2-2017-1062",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_1714-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:1714-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20171714-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:1714-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-June/002991.html"
},
{
"category": "self",
"summary": "SUSE Bug 1035829",
"url": "https://bugzilla.suse.com/1035829"
},
{
"category": "self",
"summary": "SUSE Bug 1041830",
"url": "https://bugzilla.suse.com/1041830"
},
{
"category": "self",
"summary": "SUSE Bug 1045060",
"url": "https://bugzilla.suse.com/1045060"
},
{
"category": "self",
"summary": "SUSE Bug 1045062",
"url": "https://bugzilla.suse.com/1045062"
},
{
"category": "self",
"summary": "SUSE Bug 1045065",
"url": "https://bugzilla.suse.com/1045065"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3167 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3169 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7679 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7679/"
}
],
"title": "Security update for apache2",
"tracking": {
"current_release_date": "2017-06-28T19:14:29Z",
"generator": {
"date": "2017-06-28T19:14:29Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:1714-1",
"initial_release_date": "2017-06-28T19:14:29Z",
"revision_history": [
{
"date": "2017-06-28T19:14:29Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.23-28.1.aarch64",
"product": {
"name": "apache2-2.4.23-28.1.aarch64",
"product_id": "apache2-2.4.23-28.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.23-28.1.aarch64",
"product": {
"name": "apache2-example-pages-2.4.23-28.1.aarch64",
"product_id": "apache2-example-pages-2.4.23-28.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.23-28.1.aarch64",
"product": {
"name": "apache2-prefork-2.4.23-28.1.aarch64",
"product_id": "apache2-prefork-2.4.23-28.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.23-28.1.aarch64",
"product": {
"name": "apache2-utils-2.4.23-28.1.aarch64",
"product_id": "apache2-utils-2.4.23-28.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.23-28.1.aarch64",
"product": {
"name": "apache2-worker-2.4.23-28.1.aarch64",
"product_id": "apache2-worker-2.4.23-28.1.aarch64"
}
},
{
"category": "product_version",
"name": "apache2-devel-2.4.23-28.1.aarch64",
"product": {
"name": "apache2-devel-2.4.23-28.1.aarch64",
"product_id": "apache2-devel-2.4.23-28.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-doc-2.4.23-28.1.noarch",
"product": {
"name": "apache2-doc-2.4.23-28.1.noarch",
"product_id": "apache2-doc-2.4.23-28.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-devel-2.4.23-28.1.ppc64le",
"product": {
"name": "apache2-devel-2.4.23-28.1.ppc64le",
"product_id": "apache2-devel-2.4.23-28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-2.4.23-28.1.ppc64le",
"product": {
"name": "apache2-2.4.23-28.1.ppc64le",
"product_id": "apache2-2.4.23-28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.23-28.1.ppc64le",
"product": {
"name": "apache2-example-pages-2.4.23-28.1.ppc64le",
"product_id": "apache2-example-pages-2.4.23-28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.23-28.1.ppc64le",
"product": {
"name": "apache2-prefork-2.4.23-28.1.ppc64le",
"product_id": "apache2-prefork-2.4.23-28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.23-28.1.ppc64le",
"product": {
"name": "apache2-utils-2.4.23-28.1.ppc64le",
"product_id": "apache2-utils-2.4.23-28.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.23-28.1.ppc64le",
"product": {
"name": "apache2-worker-2.4.23-28.1.ppc64le",
"product_id": "apache2-worker-2.4.23-28.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-devel-2.4.23-28.1.s390x",
"product": {
"name": "apache2-devel-2.4.23-28.1.s390x",
"product_id": "apache2-devel-2.4.23-28.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-2.4.23-28.1.s390x",
"product": {
"name": "apache2-2.4.23-28.1.s390x",
"product_id": "apache2-2.4.23-28.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.23-28.1.s390x",
"product": {
"name": "apache2-example-pages-2.4.23-28.1.s390x",
"product_id": "apache2-example-pages-2.4.23-28.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.23-28.1.s390x",
"product": {
"name": "apache2-prefork-2.4.23-28.1.s390x",
"product_id": "apache2-prefork-2.4.23-28.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.23-28.1.s390x",
"product": {
"name": "apache2-utils-2.4.23-28.1.s390x",
"product_id": "apache2-utils-2.4.23-28.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.23-28.1.s390x",
"product": {
"name": "apache2-worker-2.4.23-28.1.s390x",
"product_id": "apache2-worker-2.4.23-28.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-devel-2.4.23-28.1.x86_64",
"product": {
"name": "apache2-devel-2.4.23-28.1.x86_64",
"product_id": "apache2-devel-2.4.23-28.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-2.4.23-28.1.x86_64",
"product": {
"name": "apache2-2.4.23-28.1.x86_64",
"product_id": "apache2-2.4.23-28.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.23-28.1.x86_64",
"product": {
"name": "apache2-example-pages-2.4.23-28.1.x86_64",
"product_id": "apache2-example-pages-2.4.23-28.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.23-28.1.x86_64",
"product": {
"name": "apache2-prefork-2.4.23-28.1.x86_64",
"product_id": "apache2-prefork-2.4.23-28.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.23-28.1.x86_64",
"product": {
"name": "apache2-utils-2.4.23-28.1.x86_64",
"product_id": "apache2-utils-2.4.23-28.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.23-28.1.x86_64",
"product": {
"name": "apache2-worker-2.4.23-28.1.x86_64",
"product_id": "apache2-worker-2.4.23-28.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-28.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-2.4.23-28.1.aarch64"
},
"product_reference": "apache2-2.4.23-28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.23-28.1.noarch as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-doc-2.4.23-28.1.noarch"
},
"product_reference": "apache2-doc-2.4.23-28.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-28.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64"
},
"product_reference": "apache2-example-pages-2.4.23-28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-28.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-prefork-2.4.23-28.1.aarch64"
},
"product_reference": "apache2-prefork-2.4.23-28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-28.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-utils-2.4.23-28.1.aarch64"
},
"product_reference": "apache2-utils-2.4.23-28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-28.1.aarch64 as component of SUSE Linux Enterprise Server for Raspberry Pi 12 SP2",
"product_id": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-worker-2.4.23-28.1.aarch64"
},
"product_reference": "apache2-worker-2.4.23-28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for Raspberry Pi 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.23-28.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.aarch64"
},
"product_reference": "apache2-devel-2.4.23-28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.23-28.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.ppc64le"
},
"product_reference": "apache2-devel-2.4.23-28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.23-28.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.s390x"
},
"product_reference": "apache2-devel-2.4.23-28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-devel-2.4.23-28.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP2",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.x86_64"
},
"product_reference": "apache2-devel-2.4.23-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-28.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.aarch64"
},
"product_reference": "apache2-2.4.23-28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-28.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.ppc64le"
},
"product_reference": "apache2-2.4.23-28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-28.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.s390x"
},
"product_reference": "apache2-2.4.23-28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-28.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.x86_64"
},
"product_reference": "apache2-2.4.23-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.23-28.1.noarch as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:apache2-doc-2.4.23-28.1.noarch"
},
"product_reference": "apache2-doc-2.4.23-28.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-28.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64"
},
"product_reference": "apache2-example-pages-2.4.23-28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-28.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.ppc64le"
},
"product_reference": "apache2-example-pages-2.4.23-28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-28.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.s390x"
},
"product_reference": "apache2-example-pages-2.4.23-28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-28.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.23-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-28.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.aarch64"
},
"product_reference": "apache2-prefork-2.4.23-28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-28.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.ppc64le"
},
"product_reference": "apache2-prefork-2.4.23-28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-28.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.s390x"
},
"product_reference": "apache2-prefork-2.4.23-28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-28.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.23-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-28.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.aarch64"
},
"product_reference": "apache2-utils-2.4.23-28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-28.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.ppc64le"
},
"product_reference": "apache2-utils-2.4.23-28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-28.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.s390x"
},
"product_reference": "apache2-utils-2.4.23-28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-28.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.x86_64"
},
"product_reference": "apache2-utils-2.4.23-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-28.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.aarch64"
},
"product_reference": "apache2-worker-2.4.23-28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-28.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.ppc64le"
},
"product_reference": "apache2-worker-2.4.23-28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-28.1.s390x as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.s390x"
},
"product_reference": "apache2-worker-2.4.23-28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-28.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2",
"product_id": "SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.x86_64"
},
"product_reference": "apache2-worker-2.4.23-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-28.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.aarch64"
},
"product_reference": "apache2-2.4.23-28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-28.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.ppc64le"
},
"product_reference": "apache2-2.4.23-28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-28.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.s390x"
},
"product_reference": "apache2-2.4.23-28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.23-28.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.x86_64"
},
"product_reference": "apache2-2.4.23-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.23-28.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-doc-2.4.23-28.1.noarch"
},
"product_reference": "apache2-doc-2.4.23-28.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-28.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64"
},
"product_reference": "apache2-example-pages-2.4.23-28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-28.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.ppc64le"
},
"product_reference": "apache2-example-pages-2.4.23-28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-28.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.s390x"
},
"product_reference": "apache2-example-pages-2.4.23-28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.23-28.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.23-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-28.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.aarch64"
},
"product_reference": "apache2-prefork-2.4.23-28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-28.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.ppc64le"
},
"product_reference": "apache2-prefork-2.4.23-28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-28.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.s390x"
},
"product_reference": "apache2-prefork-2.4.23-28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.23-28.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.23-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-28.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.aarch64"
},
"product_reference": "apache2-utils-2.4.23-28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-28.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.ppc64le"
},
"product_reference": "apache2-utils-2.4.23-28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-28.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.s390x"
},
"product_reference": "apache2-utils-2.4.23-28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.23-28.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.x86_64"
},
"product_reference": "apache2-utils-2.4.23-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-28.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.aarch64"
},
"product_reference": "apache2-worker-2.4.23-28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-28.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.ppc64le"
},
"product_reference": "apache2-worker-2.4.23-28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-28.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.s390x"
},
"product_reference": "apache2-worker-2.4.23-28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.23-28.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.x86_64"
},
"product_reference": "apache2-worker-2.4.23-28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3167"
}
],
"notes": [
{
"category": "general",
"text": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3167",
"url": "https://www.suse.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "SUSE Bug 1045065 for CVE-2017-3167",
"url": "https://bugzilla.suse.com/1045065"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2017-3167",
"url": "https://bugzilla.suse.com/1078450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-06-28T19:14:29Z",
"details": "important"
}
],
"title": "CVE-2017-3167"
},
{
"cve": "CVE-2017-3169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3169"
}
],
"notes": [
{
"category": "general",
"text": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3169",
"url": "https://www.suse.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "SUSE Bug 1045062 for CVE-2017-3169",
"url": "https://bugzilla.suse.com/1045062"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2017-3169",
"url": "https://bugzilla.suse.com/1078450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-06-28T19:14:29Z",
"details": "moderate"
}
],
"title": "CVE-2017-3169"
},
{
"cve": "CVE-2017-7679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7679"
}
],
"notes": [
{
"category": "general",
"text": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7679",
"url": "https://www.suse.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "SUSE Bug 1045060 for CVE-2017-7679",
"url": "https://bugzilla.suse.com/1045060"
},
{
"category": "external",
"summary": "SUSE Bug 1057861 for CVE-2017-7679",
"url": "https://bugzilla.suse.com/1057861"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2017-7679",
"url": "https://bugzilla.suse.com/1078450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-example-pages-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-prefork-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-utils-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server 12 SP2:apache2-worker-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for Raspberry Pi 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-doc-2.4.23-28.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-example-pages-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-prefork-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-utils-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:apache2-worker-2.4.23-28.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP2:apache2-devel-2.4.23-28.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-06-28T19:14:29Z",
"details": "moderate"
}
],
"title": "CVE-2017-7679"
}
]
}
SUSE-SU-2017:2449-1
Vulnerability from csaf_suse - Published: 2017-09-13 10:33 - Updated: 2017-09-13 10:33Summary
Recommended update for apache2
Notes
Title of the patch
Recommended update for apache2
Description of the patch
This update for apache2 provides the following fixes:
Security issues fixed:
* CVE-2017-9788: The value placeholder in [Proxy-]Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no '=' assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service. (bsc#1048576)
* CVE-2017-7679: mod_mime could have read one byte past the end of a buffer when sending a malicious Content-Type response header leading to information leak or crash. (bsc#1045060)
* CVE-2017-3169: mod_ssl may have dereferenced a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port leading to crash. (bsc#1045062)
* CVE-2017-3167: Use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may have lead to authentication requirements being bypassed. (bsc#1045065)
Non-security issues fixed:
- Re-order cipher suites to keep exclusion list at the end. (bsc#1043484, bsc#1043607)
- Remove /usr/bin/http2 link only during apache2 package uninstall, not upgrade. (bsc#1041830)
- In gensslcert, use hostname when fqdn is too long. (bsc#1035829)
Patchnames
SUSE-OpenStack-Cloud-6-2017-1510,SUSE-SLE-SAP-12-SP1-2017-1510,SUSE-SLE-SERVER-12-SP1-2017-1510
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Recommended update for apache2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThis update for apache2 provides the following fixes:\n\nSecurity issues fixed:\n\n* CVE-2017-9788: The value placeholder in [Proxy-]Authorization headers of type \u0027Digest\u0027 was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no \u0027=\u0027 assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service. (bsc#1048576)\n* CVE-2017-7679: mod_mime could have read one byte past the end of a buffer when sending a malicious Content-Type response header leading to information leak or crash. (bsc#1045060)\n* CVE-2017-3169: mod_ssl may have dereferenced a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port leading to crash. (bsc#1045062)\n* CVE-2017-3167: Use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may have lead to authentication requirements being bypassed. (bsc#1045065)\n\nNon-security issues fixed:\n\n- Re-order cipher suites to keep exclusion list at the end. (bsc#1043484, bsc#1043607)\n- Remove /usr/bin/http2 link only during apache2 package uninstall, not upgrade. (bsc#1041830)\n- In gensslcert, use hostname when fqdn is too long. (bsc#1035829)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-OpenStack-Cloud-6-2017-1510,SUSE-SLE-SAP-12-SP1-2017-1510,SUSE-SLE-SERVER-12-SP1-2017-1510",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2017_2449-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2017:2449-1",
"url": "https://www.suse.com/support/update/announcement/2017/suse-su-20172449-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2017:2449-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2017-September/003212.html"
},
{
"category": "self",
"summary": "SUSE Bug 1035829",
"url": "https://bugzilla.suse.com/1035829"
},
{
"category": "self",
"summary": "SUSE Bug 1041830",
"url": "https://bugzilla.suse.com/1041830"
},
{
"category": "self",
"summary": "SUSE Bug 1043484",
"url": "https://bugzilla.suse.com/1043484"
},
{
"category": "self",
"summary": "SUSE Bug 1043607",
"url": "https://bugzilla.suse.com/1043607"
},
{
"category": "self",
"summary": "SUSE Bug 1045060",
"url": "https://bugzilla.suse.com/1045060"
},
{
"category": "self",
"summary": "SUSE Bug 1045062",
"url": "https://bugzilla.suse.com/1045062"
},
{
"category": "self",
"summary": "SUSE Bug 1045065",
"url": "https://bugzilla.suse.com/1045065"
},
{
"category": "self",
"summary": "SUSE Bug 1048576",
"url": "https://bugzilla.suse.com/1048576"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3167 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3167/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-3169 page",
"url": "https://www.suse.com/security/cve/CVE-2017-3169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-7679 page",
"url": "https://www.suse.com/security/cve/CVE-2017-7679/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2017-9788 page",
"url": "https://www.suse.com/security/cve/CVE-2017-9788/"
}
],
"title": "Recommended update for apache2",
"tracking": {
"current_release_date": "2017-09-13T10:33:25Z",
"generator": {
"date": "2017-09-13T10:33:25Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2017:2449-1",
"initial_release_date": "2017-09-13T10:33:25Z",
"revision_history": [
{
"date": "2017-09-13T10:33:25Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "apache2-doc-2.4.16-20.10.1.noarch",
"product": {
"name": "apache2-doc-2.4.16-20.10.1.noarch",
"product_id": "apache2-doc-2.4.16-20.10.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.16-20.10.1.ppc64le",
"product": {
"name": "apache2-2.4.16-20.10.1.ppc64le",
"product_id": "apache2-2.4.16-20.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.16-20.10.1.ppc64le",
"product": {
"name": "apache2-example-pages-2.4.16-20.10.1.ppc64le",
"product_id": "apache2-example-pages-2.4.16-20.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.16-20.10.1.ppc64le",
"product": {
"name": "apache2-prefork-2.4.16-20.10.1.ppc64le",
"product_id": "apache2-prefork-2.4.16-20.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.16-20.10.1.ppc64le",
"product": {
"name": "apache2-utils-2.4.16-20.10.1.ppc64le",
"product_id": "apache2-utils-2.4.16-20.10.1.ppc64le"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.16-20.10.1.ppc64le",
"product": {
"name": "apache2-worker-2.4.16-20.10.1.ppc64le",
"product_id": "apache2-worker-2.4.16-20.10.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.16-20.10.1.s390x",
"product": {
"name": "apache2-2.4.16-20.10.1.s390x",
"product_id": "apache2-2.4.16-20.10.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.16-20.10.1.s390x",
"product": {
"name": "apache2-example-pages-2.4.16-20.10.1.s390x",
"product_id": "apache2-example-pages-2.4.16-20.10.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.16-20.10.1.s390x",
"product": {
"name": "apache2-prefork-2.4.16-20.10.1.s390x",
"product_id": "apache2-prefork-2.4.16-20.10.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.16-20.10.1.s390x",
"product": {
"name": "apache2-utils-2.4.16-20.10.1.s390x",
"product_id": "apache2-utils-2.4.16-20.10.1.s390x"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.16-20.10.1.s390x",
"product": {
"name": "apache2-worker-2.4.16-20.10.1.s390x",
"product_id": "apache2-worker-2.4.16-20.10.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "apache2-2.4.16-20.10.1.x86_64",
"product": {
"name": "apache2-2.4.16-20.10.1.x86_64",
"product_id": "apache2-2.4.16-20.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-example-pages-2.4.16-20.10.1.x86_64",
"product": {
"name": "apache2-example-pages-2.4.16-20.10.1.x86_64",
"product_id": "apache2-example-pages-2.4.16-20.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-prefork-2.4.16-20.10.1.x86_64",
"product": {
"name": "apache2-prefork-2.4.16-20.10.1.x86_64",
"product_id": "apache2-prefork-2.4.16-20.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-utils-2.4.16-20.10.1.x86_64",
"product": {
"name": "apache2-utils-2.4.16-20.10.1.x86_64",
"product_id": "apache2-utils-2.4.16-20.10.1.x86_64"
}
},
{
"category": "product_version",
"name": "apache2-worker-2.4.16-20.10.1.x86_64",
"product": {
"name": "apache2-worker-2.4.16-20.10.1.x86_64",
"product_id": "apache2-worker-2.4.16-20.10.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 6",
"product": {
"name": "SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.16-20.10.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:apache2-2.4.16-20.10.1.x86_64"
},
"product_reference": "apache2-2.4.16-20.10.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.16-20.10.1.noarch as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:apache2-doc-2.4.16-20.10.1.noarch"
},
"product_reference": "apache2-doc-2.4.16-20.10.1.noarch",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.16-20.10.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:apache2-example-pages-2.4.16-20.10.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.16-20.10.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.16-20.10.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:apache2-prefork-2.4.16-20.10.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.16-20.10.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.16-20.10.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:apache2-utils-2.4.16-20.10.1.x86_64"
},
"product_reference": "apache2-utils-2.4.16-20.10.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.16-20.10.1.x86_64 as component of SUSE OpenStack Cloud 6",
"product_id": "SUSE OpenStack Cloud 6:apache2-worker-2.4.16-20.10.1.x86_64"
},
"product_reference": "apache2-worker-2.4.16-20.10.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.16-20.10.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.ppc64le"
},
"product_reference": "apache2-2.4.16-20.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.16-20.10.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.x86_64"
},
"product_reference": "apache2-2.4.16-20.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.16-20.10.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-doc-2.4.16-20.10.1.noarch"
},
"product_reference": "apache2-doc-2.4.16-20.10.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.16-20.10.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.ppc64le"
},
"product_reference": "apache2-example-pages-2.4.16-20.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.16-20.10.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.16-20.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.16-20.10.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.ppc64le"
},
"product_reference": "apache2-prefork-2.4.16-20.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.16-20.10.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.16-20.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.16-20.10.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.ppc64le"
},
"product_reference": "apache2-utils-2.4.16-20.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.16-20.10.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.x86_64"
},
"product_reference": "apache2-utils-2.4.16-20.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.16-20.10.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.ppc64le"
},
"product_reference": "apache2-worker-2.4.16-20.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.16-20.10.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.x86_64"
},
"product_reference": "apache2-worker-2.4.16-20.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.16-20.10.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.ppc64le"
},
"product_reference": "apache2-2.4.16-20.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.16-20.10.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.s390x"
},
"product_reference": "apache2-2.4.16-20.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-2.4.16-20.10.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.x86_64"
},
"product_reference": "apache2-2.4.16-20.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-doc-2.4.16-20.10.1.noarch as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-doc-2.4.16-20.10.1.noarch"
},
"product_reference": "apache2-doc-2.4.16-20.10.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.16-20.10.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.ppc64le"
},
"product_reference": "apache2-example-pages-2.4.16-20.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.16-20.10.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.s390x"
},
"product_reference": "apache2-example-pages-2.4.16-20.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-example-pages-2.4.16-20.10.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.x86_64"
},
"product_reference": "apache2-example-pages-2.4.16-20.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.16-20.10.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.ppc64le"
},
"product_reference": "apache2-prefork-2.4.16-20.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.16-20.10.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.s390x"
},
"product_reference": "apache2-prefork-2.4.16-20.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-prefork-2.4.16-20.10.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.x86_64"
},
"product_reference": "apache2-prefork-2.4.16-20.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.16-20.10.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.ppc64le"
},
"product_reference": "apache2-utils-2.4.16-20.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.16-20.10.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.s390x"
},
"product_reference": "apache2-utils-2.4.16-20.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-utils-2.4.16-20.10.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.x86_64"
},
"product_reference": "apache2-utils-2.4.16-20.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.16-20.10.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.ppc64le"
},
"product_reference": "apache2-worker-2.4.16-20.10.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.16-20.10.1.s390x as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.s390x"
},
"product_reference": "apache2-worker-2.4.16-20.10.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "apache2-worker-2.4.16-20.10.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.x86_64"
},
"product_reference": "apache2-worker-2.4.16-20.10.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP1-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3167"
}
],
"notes": [
{
"category": "general",
"text": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE OpenStack Cloud 6:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-worker-2.4.16-20.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3167",
"url": "https://www.suse.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "SUSE Bug 1045065 for CVE-2017-3167",
"url": "https://bugzilla.suse.com/1045065"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2017-3167",
"url": "https://bugzilla.suse.com/1078450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE OpenStack Cloud 6:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-worker-2.4.16-20.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE OpenStack Cloud 6:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-worker-2.4.16-20.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-09-13T10:33:25Z",
"details": "important"
}
],
"title": "CVE-2017-3167"
},
{
"cve": "CVE-2017-3169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-3169"
}
],
"notes": [
{
"category": "general",
"text": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_ssl may dereference a NULL pointer when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE OpenStack Cloud 6:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-worker-2.4.16-20.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-3169",
"url": "https://www.suse.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "SUSE Bug 1045062 for CVE-2017-3169",
"url": "https://bugzilla.suse.com/1045062"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2017-3169",
"url": "https://bugzilla.suse.com/1078450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE OpenStack Cloud 6:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-worker-2.4.16-20.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE OpenStack Cloud 6:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-worker-2.4.16-20.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-09-13T10:33:25Z",
"details": "moderate"
}
],
"title": "CVE-2017-3169"
},
{
"cve": "CVE-2017-7679",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-7679"
}
],
"notes": [
{
"category": "general",
"text": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE OpenStack Cloud 6:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-worker-2.4.16-20.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-7679",
"url": "https://www.suse.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "SUSE Bug 1045060 for CVE-2017-7679",
"url": "https://bugzilla.suse.com/1045060"
},
{
"category": "external",
"summary": "SUSE Bug 1057861 for CVE-2017-7679",
"url": "https://bugzilla.suse.com/1057861"
},
{
"category": "external",
"summary": "SUSE Bug 1078450 for CVE-2017-7679",
"url": "https://bugzilla.suse.com/1078450"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE OpenStack Cloud 6:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-worker-2.4.16-20.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE OpenStack Cloud 6:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-worker-2.4.16-20.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-09-13T10:33:25Z",
"details": "moderate"
}
],
"title": "CVE-2017-7679"
},
{
"cve": "CVE-2017-9788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2017-9788"
}
],
"notes": [
{
"category": "general",
"text": "In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in [Proxy-]Authorization headers of type \u0027Digest\u0027 was not initialized or reset before or between successive key=value assignments by mod_auth_digest. Providing an initial key with no \u0027=\u0027 assignment could reflect the stale value of uninitialized pool memory used by the prior request, leading to leakage of potentially confidential information, and a segfault in other cases resulting in denial of service.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE OpenStack Cloud 6:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-worker-2.4.16-20.10.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2017-9788",
"url": "https://www.suse.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "SUSE Bug 1048576 for CVE-2017-9788",
"url": "https://bugzilla.suse.com/1048576"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE OpenStack Cloud 6:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-worker-2.4.16-20.10.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.s390x",
"SUSE Linux Enterprise Server 12 SP1-LTSS:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP1:apache2-worker-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-doc-2.4.16-20.10.1.noarch",
"SUSE OpenStack Cloud 6:apache2-example-pages-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-prefork-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-utils-2.4.16-20.10.1.x86_64",
"SUSE OpenStack Cloud 6:apache2-worker-2.4.16-20.10.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2017-09-13T10:33:25Z",
"details": "moderate"
}
],
"title": "CVE-2017-9788"
}
]
}
CERTFR-2018-AVI-026
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D232 sur QFX5200/5110 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 antérieures à 17.1R2-S5, 17.1R3 et 17.1R3 sur MX series | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1F2-S17, 15.1F5-S8, 15.1F6-S8, 15.1R5-S7, 15.1R7 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 antérieures à 16.1R6 sur MX series | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D70, 15.1X53-D231 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1 antérieures à 14.1R9 sur MX series | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 antérieures à 16.2R2, 16.2R2-S2, 16.2R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.2 antérieures à 14.2R8 | ||
| N/A | N/A | CTPView versions 7.1, 7.2 et 7.3. | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1F5-S8, 15.1F6-S8, 15.1R5-S6, 15.1R6-S3, 15.1R7, 15.1F6, 15.1R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1R6-S2, 15.1R7 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 antérieures à 16.1R5-S1, 16.1R6 | ||
| Juniper Networks | Junos Space | Junos Space antérieures à 17.2R1 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1R5-S8, 15.1F6-S9, 15.1R6-S4, 15.1R7 sur MX series | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 antérieures à 16.2R3 sur MX series | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 versions 15.1X49-D100 et supérieures mais antérieures à 15.1X49-D121 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53 antérieures à 14.1X53-D40 sur QFX, EX | ||
| Juniper Networks | Junos OS | Junos OS versions 14.2 antérieures à 14.2R8 sur MX series | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46 antérieures à 12.1X46-D71 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D110 sur SRX | ||
| N/A | N/A | ScreenOS toutes versions sans le dernier correctif de sécurité | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1X65 antérieures à 16.1X65-D45 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1 antérieures à 14.1R8-S5, 14.1R9 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 antérieures à 12.3X48-D55 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1R5-S4, 15.1R5-S5 et 15.1R6 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46 antérieures à 12.1X46-D71 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3 antérieures à 12.3R12-S7 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53 antérieures à 14.1X53-D46, 14.1X53-D50 et 14.1X53-D107 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3R antérieures à 12.3R12-S7 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 antérieures à 12.3X48-D55 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3R12 antérieures à 12.3R12-S7 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 versions 12.3X48-D55 et supérieures mais antérieures à 12.3X48-D65 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2X75 antérieures à 17.2X75-D50 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D49, 15.1X53-D470 sur NFX | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D65 sur QFX10K | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 antérieures à 16.1R3-S6, 16.1R4-S6 et 16.1R5 | ||
| ESET | Security | Security Director et Log Collector antérieures à 17.2R1 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.2 antérieures à 14.2R7-S9, 14.2R8 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D232 sur QFX5200/5110",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2-S5, 17.1R3 et 17.1R3 sur MX series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F2-S17, 15.1F5-S8, 15.1F6-S8, 15.1R5-S7, 15.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R6 sur MX series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D70, 15.1X53-D231",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1 ant\u00e9rieures \u00e0 14.1R9 sur MX series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R2, 16.2R2-S2, 16.2R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.2 ant\u00e9rieures \u00e0 14.2R8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "CTPView versions 7.1, 7.2 et 7.3.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F5-S8, 15.1F6-S8, 15.1R5-S6, 15.1R6-S3, 15.1R7, 15.1F6, 15.1R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1R6-S2, 15.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R5-S1, 16.1R6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space ant\u00e9rieures \u00e0 17.2R1",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1R5-S8, 15.1F6-S9, 15.1R6-S4, 15.1R7 sur MX series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R3 sur MX series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 versions 15.1X49-D100 et sup\u00e9rieures mais ant\u00e9rieures \u00e0 15.1X49-D121",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53 ant\u00e9rieures \u00e0 14.1X53-D40 sur QFX, EX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.2 ant\u00e9rieures \u00e0 14.2R8 sur MX series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46 ant\u00e9rieures \u00e0 12.1X46-D71",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D110 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "ScreenOS toutes versions sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1X65 ant\u00e9rieures \u00e0 16.1X65-D45",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1 ant\u00e9rieures \u00e0 14.1R8-S5, 14.1R9",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D55 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1R5-S4, 15.1R5-S5 et 15.1R6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46 ant\u00e9rieures \u00e0 12.1X46-D71 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3 ant\u00e9rieures \u00e0 12.3R12-S7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53 ant\u00e9rieures \u00e0 14.1X53-D46, 14.1X53-D50 et 14.1X53-D107",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3R ant\u00e9rieures \u00e0 12.3R12-S7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D55",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3R12 ant\u00e9rieures \u00e0 12.3R12-S7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 versions 12.3X48-D55 et sup\u00e9rieures mais ant\u00e9rieures \u00e0 12.3X48-D65",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2X75 ant\u00e9rieures \u00e0 17.2X75-D50",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D49, 15.1X53-D470 sur NFX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D65 sur QFX10K",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S6, 16.1R4-S6 et 16.1R5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Security Director et Log Collector ant\u00e9rieures \u00e0 17.2R1",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.2 ant\u00e9rieures \u00e0 14.2R7-S9, 14.2R8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"name": "CVE-2017-14106",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14106"
},
{
"name": "CVE-2018-0002",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0002"
},
{
"name": "CVE-2015-5600",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5600"
},
{
"name": "CVE-2018-0008",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0008"
},
{
"name": "CVE-2015-6563",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-6563"
},
{
"name": "CVE-2018-0013",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0013"
},
{
"name": "CVE-2015-6564",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-6564"
},
{
"name": "CVE-2015-7236",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7236"
},
{
"name": "CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"name": "CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"name": "CVE-2018-0011",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0011"
},
{
"name": "CVE-2016-2141",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2141"
},
{
"name": "CVE-2015-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7501"
},
{
"name": "CVE-2015-5304",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5304"
},
{
"name": "CVE-2018-0012",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0012"
},
{
"name": "CVE-2018-0003",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0003"
},
{
"name": "CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"name": "CVE-2015-5174",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5174"
},
{
"name": "CVE-2017-1000112",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000112"
},
{
"name": "CVE-2016-8858",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8858"
},
{
"name": "CVE-2017-5664",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
},
{
"name": "CVE-2017-1000111",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000111"
},
{
"name": "CVE-2017-6074",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6074"
},
{
"name": "CVE-2017-5645",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
},
{
"name": "CVE-2018-0010",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0010"
},
{
"name": "CVE-2018-0005",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0005"
},
{
"name": "CVE-2018-0007",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0007"
},
{
"name": "CVE-2016-8655",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8655"
},
{
"name": "CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"name": "CVE-2015-5188",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5188"
},
{
"name": "CVE-2018-0009",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0009"
},
{
"name": "CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"name": "CVE-2018-0004",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0004"
},
{
"name": "CVE-2018-0014",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0014"
},
{
"name": "CVE-2017-2634",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2634"
},
{
"name": "CVE-2016-8743",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8743"
},
{
"name": "CVE-2015-5220",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5220"
},
{
"name": "CVE-2018-0006",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0006"
},
{
"name": "CVE-2018-0001",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0001"
}
],
"links": [],
"reference": "CERTFR-2018-AVI-026",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-01-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10838 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10838\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10831 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10831\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10835 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10835\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10833 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10833\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10837 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10837\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10841 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10841\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10828 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10828\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10834 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10834\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10829 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10829\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10836 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10836\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10839 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10839\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10830 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10830\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10832 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10832\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10840 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10840\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
CERTFR-2019-AVI-657
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Tenable.sc de Tenable. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneReferences
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tenable.sc versions ant\u00e9rieures \u00e0 5.13.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"name": "CVE-2017-7659",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7659"
},
{
"name": "CVE-2018-1333",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1333"
},
{
"name": "CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"name": "CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"name": "CVE-2018-1283",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1283"
},
{
"name": "CVE-2018-1312",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1312"
},
{
"name": "CVE-2019-1552",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1552"
},
{
"name": "CVE-2018-1301",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1301"
},
{
"name": "CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"name": "CVE-2018-17189",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17189"
},
{
"name": "CVE-2019-1547",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1547"
},
{
"name": "CVE-2019-1563",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1563"
},
{
"name": "CVE-2018-17199",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17199"
},
{
"name": "CVE-2018-1303",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1303"
},
{
"name": "CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"name": "CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"name": "CVE-2017-15710",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15710"
},
{
"name": "CVE-2018-1302",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1302"
},
{
"name": "CVE-2019-3465",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3465"
},
{
"name": "CVE-2017-15715",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15715"
},
{
"name": "CVE-2019-1551",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1551"
},
{
"name": "CVE-2018-11763",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11763"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-657",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-12-31T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable.sc de\nTenable. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun d\u00e9ni de service \u00e0 distance, un contournement de la politique de\ns\u00e9curit\u00e9 et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable.sc",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2019-09 du 30 d\u00e9cembre 2019",
"url": "https://fr.tenable.com/security/tns-2019-09"
}
]
}
CERTFR-2017-AVI-218
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Apache. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service et un contournement de la politique de sécurité.
De plus, avec la sortie de cette version 2.2.34, Apache informe tous les utilisateurs de Apache HTTP Server que la version actuelle sera la dernière mise à jour apportée à la branche 2.2. Aucune nouvelle version 2.2 ne sera mise à disposition. De possibles mise à jour de sécurité seront rendues publiques jusqu'à décembre 2017. Apache encourage les utilisateurs à migrer sur la version 2.4 de HTTP Server (cf. section Documentation).
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Apache HTTP Server toutes versions antérieures à 2.2.34
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eApache HTTP Server toutes versions ant\u00e9rieures \u00e0 2.2.34\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"name": "CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"name": "CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"name": "CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
}
],
"links": [
{
"title": "Annonce Apache de sortie de version 2.2.34",
"url": "http://www.apache.org/dist/httpd/Announcement2.2.html"
}
],
"reference": "CERTFR-2017-AVI-218",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-07-17T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApache\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de\nservice et un contournement de la politique de s\u00e9curit\u00e9.\n\nDe plus, avec la sortie de cette version 2.2.34, Apache informe tous les\nutilisateurs de Apache HTTP Server que la version actuelle sera la\nderni\u00e8re mise \u00e0 jour apport\u00e9e \u00e0 la branche 2.2. Aucune nouvelle version\n2.2 ne sera mise \u00e0 disposition. De possibles mise \u00e0 jour de s\u00e9curit\u00e9\nseront rendues publiques jusqu\u0027\u00e0 d\u00e9cembre 2017. Apache encourage les\nutilisateurs \u00e0 migrer sur la version 2.4 de HTTP Server (cf. section\nDocumentation).\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Apache",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apache du 11 juillet 2017",
"url": "http://www.apache.org/dist/httpd/CHANGES_2.2.34"
}
]
}
CERTFR-2019-AVI-657
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Tenable.sc de Tenable. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneReferences
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tenable.sc versions ant\u00e9rieures \u00e0 5.13.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Tenable",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"name": "CVE-2017-7659",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7659"
},
{
"name": "CVE-2018-1333",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1333"
},
{
"name": "CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"name": "CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"name": "CVE-2018-1283",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1283"
},
{
"name": "CVE-2018-1312",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1312"
},
{
"name": "CVE-2019-1552",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1552"
},
{
"name": "CVE-2018-1301",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1301"
},
{
"name": "CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"name": "CVE-2018-17189",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17189"
},
{
"name": "CVE-2019-1547",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1547"
},
{
"name": "CVE-2019-1563",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1563"
},
{
"name": "CVE-2018-17199",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-17199"
},
{
"name": "CVE-2018-1303",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1303"
},
{
"name": "CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"name": "CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"name": "CVE-2017-15710",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15710"
},
{
"name": "CVE-2018-1302",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1302"
},
{
"name": "CVE-2019-3465",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3465"
},
{
"name": "CVE-2017-15715",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15715"
},
{
"name": "CVE-2019-1551",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1551"
},
{
"name": "CVE-2018-11763",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11763"
}
],
"links": [],
"reference": "CERTFR-2019-AVI-657",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2019-12-31T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Tenable.sc de\nTenable. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nun d\u00e9ni de service \u00e0 distance, un contournement de la politique de\ns\u00e9curit\u00e9 et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Tenable.sc",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Tenable tns-2019-09 du 30 d\u00e9cembre 2019",
"url": "https://fr.tenable.com/security/tns-2019-09"
}
]
}
CERTFR-2017-AVI-385
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Apple . Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | N/A | iOS versions antérieures à 11.1 | ||
| Apple | N/A | watchOS versions antérieures à 4.1 | ||
| Apple | macOS | macOS Sierra versions sans le correctif de sécurité 2017-001 | ||
| Apple | N/A | tvOS versions antérieures à 11.1 | ||
| Apple | macOS | macOS El Capitan sans le correctif de sécurité 2017-004 | ||
| Apple | N/A | iTunes versions antérieures à 12.7.1 sur Windows | ||
| Apple | N/A | iCloud pour Windows versions antérieures à 7.1 | ||
| Apple | Safari | Safari versions antérieures à 11.0.1 | ||
| Apple | macOS | macOS High Sierra versions antérieures à 10.13.1 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "iOS versions ant\u00e9rieures \u00e0 11.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "watchOS versions ant\u00e9rieures \u00e0 4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sierra versions sans le correctif de s\u00e9curit\u00e9 2017-001",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions ant\u00e9rieures \u00e0 11.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS El Capitan sans le correctif de s\u00e9curit\u00e9 2017-004",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iTunes versions ant\u00e9rieures \u00e0 12.7.1 sur Windows",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iCloud pour Windows versions ant\u00e9rieures \u00e0 7.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 11.0.1",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS High Sierra versions ant\u00e9rieures \u00e0 10.13.1",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-13802",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13802"
},
{
"name": "CVE-2017-13818",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13818"
},
{
"name": "CVE-2017-13052",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13052"
},
{
"name": "CVE-2017-12993",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12993"
},
{
"name": "CVE-2017-13018",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13018"
},
{
"name": "CVE-2017-13043",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13043"
},
{
"name": "CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"name": "CVE-2017-9789",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9789"
},
{
"name": "CVE-2017-7659",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7659"
},
{
"name": "CVE-2016-4736",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4736"
},
{
"name": "CVE-2017-13050",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13050"
},
{
"name": "CVE-2017-13816",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13816"
},
{
"name": "CVE-2017-13798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13798"
},
{
"name": "CVE-2017-11108",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11108"
},
{
"name": "CVE-2017-13017",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13017"
},
{
"name": "CVE-2017-13831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13831"
},
{
"name": "CVE-2017-11543",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11543"
},
{
"name": "CVE-2017-13790",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13790"
},
{
"name": "CVE-2017-13000",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13000"
},
{
"name": "CVE-2017-13807",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13807"
},
{
"name": "CVE-2017-13843",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13843"
},
{
"name": "CVE-2017-13055",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13055"
},
{
"name": "CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"name": "CVE-2017-13041",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13041"
},
{
"name": "CVE-2017-12902",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12902"
},
{
"name": "CVE-2017-13834",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13834"
},
{
"name": "CVE-2017-13007",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13007"
},
{
"name": "CVE-2017-13687",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13687"
},
{
"name": "CVE-2017-13078",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13078"
},
{
"name": "CVE-2017-12986",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12986"
},
{
"name": "CVE-2017-13821",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13821"
},
{
"name": "CVE-2017-13033",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13033"
},
{
"name": "CVE-2017-13817",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13817"
},
{
"name": "CVE-2017-13799",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13799"
},
{
"name": "CVE-2017-12901",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12901"
},
{
"name": "CVE-2017-13832",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13832"
},
{
"name": "CVE-2017-13011",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13011"
},
{
"name": "CVE-2017-13046",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13046"
},
{
"name": "CVE-2017-13840",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13840"
},
{
"name": "CVE-2017-12897",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12897"
},
{
"name": "CVE-2017-13809",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13809"
},
{
"name": "CVE-2017-13822",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13822"
},
{
"name": "CVE-2017-7113",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7113"
},
{
"name": "CVE-2017-13800",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13800"
},
{
"name": "CVE-2017-13786",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13786"
},
{
"name": "CVE-2017-13003",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13003"
},
{
"name": "CVE-2017-13815",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13815"
},
{
"name": "CVE-2017-13013",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13013"
},
{
"name": "CVE-2017-13001",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13001"
},
{
"name": "CVE-2017-13009",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13009"
},
{
"name": "CVE-2017-1000101",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000101"
},
{
"name": "CVE-2016-8740",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8740"
},
{
"name": "CVE-2017-13048",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13048"
},
{
"name": "CVE-2017-13054",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13054"
},
{
"name": "CVE-2017-13038",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13038"
},
{
"name": "CVE-2017-13841",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13841"
},
{
"name": "CVE-2017-13010",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13010"
},
{
"name": "CVE-2017-12990",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12990"
},
{
"name": "CVE-2017-13783",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13783"
},
{
"name": "CVE-2017-13047",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13047"
},
{
"name": "CVE-2017-12991",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12991"
},
{
"name": "CVE-2017-13805",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13805"
},
{
"name": "CVE-2017-13811",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13811"
},
{
"name": "CVE-2017-13849",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13849"
},
{
"name": "CVE-2017-13032",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13032"
},
{
"name": "CVE-2017-13801",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13801"
},
{
"name": "CVE-2017-13051",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13051"
},
{
"name": "CVE-2017-13036",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13036"
},
{
"name": "CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"name": "CVE-2017-13844",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13844"
},
{
"name": "CVE-2016-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2161"
},
{
"name": "CVE-2017-13795",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13795"
},
{
"name": "CVE-2017-13690",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13690"
},
{
"name": "CVE-2017-13838",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13838"
},
{
"name": "CVE-2017-11542",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11542"
},
{
"name": "CVE-2017-13842",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13842"
},
{
"name": "CVE-2017-12997",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12997"
},
{
"name": "CVE-2017-13045",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13045"
},
{
"name": "CVE-2017-13026",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13026"
},
{
"name": "CVE-2017-13785",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13785"
},
{
"name": "CVE-2016-5387",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5387"
},
{
"name": "CVE-2017-13796",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13796"
},
{
"name": "CVE-2017-13782",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13782"
},
{
"name": "CVE-2017-13784",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13784"
},
{
"name": "CVE-2017-13042",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13042"
},
{
"name": "CVE-2017-12992",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12992"
},
{
"name": "CVE-2017-13027",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13027"
},
{
"name": "CVE-2017-13034",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13034"
},
{
"name": "CVE-2017-13794",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13794"
},
{
"name": "CVE-2017-13015",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13015"
},
{
"name": "CVE-2017-13725",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13725"
},
{
"name": "CVE-2017-13819",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13819"
},
{
"name": "CVE-2017-13044",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13044"
},
{
"name": "CVE-2017-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12900"
},
{
"name": "CVE-2017-12994",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12994"
},
{
"name": "CVE-2017-12998",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12998"
},
{
"name": "CVE-2017-13029",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13029"
},
{
"name": "CVE-2017-13037",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13037"
},
{
"name": "CVE-2017-13788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13788"
},
{
"name": "CVE-2017-7132",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7132"
},
{
"name": "CVE-2017-13810",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13810"
},
{
"name": "CVE-2017-13039",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13039"
},
{
"name": "CVE-2017-13791",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13791"
},
{
"name": "CVE-2017-13023",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13023"
},
{
"name": "CVE-2017-13020",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13020"
},
{
"name": "CVE-2017-13021",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13021"
},
{
"name": "CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"name": "CVE-2017-12896",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12896"
},
{
"name": "CVE-2017-13824",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13824"
},
{
"name": "CVE-2017-13049",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13049"
},
{
"name": "CVE-2017-12999",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12999"
},
{
"name": "CVE-2017-13836",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13836"
},
{
"name": "CVE-2017-13823",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13823"
},
{
"name": "CVE-2017-13846",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13846"
},
{
"name": "CVE-2017-12988",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12988"
},
{
"name": "CVE-2017-13789",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13789"
},
{
"name": "CVE-2017-12985",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12985"
},
{
"name": "CVE-2017-12899",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12899"
},
{
"name": "CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"name": "CVE-2017-13014",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13014"
},
{
"name": "CVE-2017-12894",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12894"
},
{
"name": "CVE-2017-13804",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13804"
},
{
"name": "CVE-2017-13024",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13024"
},
{
"name": "CVE-2017-13004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13004"
},
{
"name": "CVE-2017-12996",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12996"
},
{
"name": "CVE-2017-13830",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13830"
},
{
"name": "CVE-2017-12893",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12893"
},
{
"name": "CVE-2017-13019",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13019"
},
{
"name": "CVE-2017-13030",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13030"
},
{
"name": "CVE-2017-13808",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13808"
},
{
"name": "CVE-2017-13813",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13813"
},
{
"name": "CVE-2017-1000100",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000100"
},
{
"name": "CVE-2017-13053",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13053"
},
{
"name": "CVE-2017-13040",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13040"
},
{
"name": "CVE-2017-13689",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13689"
},
{
"name": "CVE-2017-11103",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11103"
},
{
"name": "CVE-2017-13005",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13005"
},
{
"name": "CVE-2017-13793",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13793"
},
{
"name": "CVE-2017-13814",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13814"
},
{
"name": "CVE-2017-12987",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12987"
},
{
"name": "CVE-2017-13826",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13826"
},
{
"name": "CVE-2017-11541",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11541"
},
{
"name": "CVE-2017-13025",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13025"
},
{
"name": "CVE-2017-13828",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13828"
},
{
"name": "CVE-2017-13688",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13688"
},
{
"name": "CVE-2017-13820",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13820"
},
{
"name": "CVE-2017-12995",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12995"
},
{
"name": "CVE-2017-13792",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13792"
},
{
"name": "CVE-2017-13031",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13031"
},
{
"name": "CVE-2017-13028",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13028"
},
{
"name": "CVE-2017-13825",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13825"
},
{
"name": "CVE-2016-8743",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8743"
},
{
"name": "CVE-2017-13803",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13803"
},
{
"name": "CVE-2017-13006",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13006"
},
{
"name": "CVE-2017-12895",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12895"
},
{
"name": "CVE-2017-13812",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13812"
},
{
"name": "CVE-2017-13022",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13022"
},
{
"name": "CVE-2017-13012",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13012"
},
{
"name": "CVE-2017-13002",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13002"
},
{
"name": "CVE-2017-13035",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13035"
},
{
"name": "CVE-2017-12989",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12989"
},
{
"name": "CVE-2017-13077",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13077"
},
{
"name": "CVE-2017-13016",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13016"
},
{
"name": "CVE-2017-13080",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13080"
},
{
"name": "CVE-2017-12898",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12898"
},
{
"name": "CVE-2017-13008",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13008"
}
],
"links": [],
"reference": "CERTFR-2017-AVI-385",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2017-11-02T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple\n. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208225 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208225"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208222 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208222"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208219 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208219"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208223 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208223"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208220 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208220"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208221 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208221"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208224 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208224"
}
]
}
CERTFR-2017-AVI-218
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été corrigées dans Apache. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service et un contournement de la politique de sécurité.
De plus, avec la sortie de cette version 2.2.34, Apache informe tous les utilisateurs de Apache HTTP Server que la version actuelle sera la dernière mise à jour apportée à la branche 2.2. Aucune nouvelle version 2.2 ne sera mise à disposition. De possibles mise à jour de sécurité seront rendues publiques jusqu'à décembre 2017. Apache encourage les utilisateurs à migrer sur la version 2.4 de HTTP Server (cf. section Documentation).
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Apache HTTP Server toutes versions antérieures à 2.2.34
Impacted products
| Vendor | Product | Description |
|---|
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cP\u003eApache HTTP Server toutes versions ant\u00e9rieures \u00e0 2.2.34\u003c/P\u003e",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"name": "CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"name": "CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"name": "CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
}
],
"links": [
{
"title": "Annonce Apache de sortie de version 2.2.34",
"url": "http://www.apache.org/dist/httpd/Announcement2.2.html"
}
],
"reference": "CERTFR-2017-AVI-218",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2017-07-17T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eApache\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de\nservice et un contournement de la politique de s\u00e9curit\u00e9.\n\nDe plus, avec la sortie de cette version 2.2.34, Apache informe tous les\nutilisateurs de Apache HTTP Server que la version actuelle sera la\nderni\u00e8re mise \u00e0 jour apport\u00e9e \u00e0 la branche 2.2. Aucune nouvelle version\n2.2 ne sera mise \u00e0 disposition. De possibles mise \u00e0 jour de s\u00e9curit\u00e9\nseront rendues publiques jusqu\u0027\u00e0 d\u00e9cembre 2017. Apache encourage les\nutilisateurs \u00e0 migrer sur la version 2.4 de HTTP Server (cf. section\nDocumentation).\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Apache",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apache du 11 juillet 2017",
"url": "http://www.apache.org/dist/httpd/CHANGES_2.2.34"
}
]
}
CERTFR-2018-AVI-026
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D232 sur QFX5200/5110 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.1 antérieures à 17.1R2-S5, 17.1R3 et 17.1R3 sur MX series | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1F2-S17, 15.1F5-S8, 15.1F6-S8, 15.1R5-S7, 15.1R7 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 antérieures à 16.1R6 sur MX series | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D70, 15.1X53-D231 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1 antérieures à 14.1R9 sur MX series | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 antérieures à 16.2R2, 16.2R2-S2, 16.2R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.2 antérieures à 14.2R8 | ||
| N/A | N/A | CTPView versions 7.1, 7.2 et 7.3. | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1F5-S8, 15.1F6-S8, 15.1R5-S6, 15.1R6-S3, 15.1R7, 15.1F6, 15.1R3 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1R6-S2, 15.1R7 | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 antérieures à 16.1R5-S1, 16.1R6 | ||
| Juniper Networks | Junos Space | Junos Space antérieures à 17.2R1 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1 antérieures à 15.1R5-S8, 15.1F6-S9, 15.1R6-S4, 15.1R7 sur MX series | ||
| Juniper Networks | Junos OS | Junos OS versions 16.2 antérieures à 16.2R3 sur MX series | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 versions 15.1X49-D100 et supérieures mais antérieures à 15.1X49-D121 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53 antérieures à 14.1X53-D40 sur QFX, EX | ||
| Juniper Networks | Junos OS | Junos OS versions 14.2 antérieures à 14.2R8 sur MX series | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46 antérieures à 12.1X46-D71 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X49 antérieures à 15.1X49-D110 sur SRX | ||
| N/A | N/A | ScreenOS toutes versions sans le dernier correctif de sécurité | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1X65 antérieures à 16.1X65-D45 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1 antérieures à 14.1R8-S5, 14.1R9 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 antérieures à 12.3X48-D55 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1R5-S4, 15.1R5-S5 et 15.1R6 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.1X46 antérieures à 12.1X46-D71 sur SRX | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3 antérieures à 12.3R12-S7 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.1X53 antérieures à 14.1X53-D46, 14.1X53-D50 et 14.1X53-D107 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3R antérieures à 12.3R12-S7 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 antérieures à 12.3X48-D55 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3R12 antérieures à 12.3R12-S7 | ||
| Juniper Networks | Junos OS | Junos OS versions 12.3X48 versions 12.3X48-D55 et supérieures mais antérieures à 12.3X48-D65 | ||
| Juniper Networks | Junos OS | Junos OS versions 17.2X75 antérieures à 17.2X75-D50 | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D49, 15.1X53-D470 sur NFX | ||
| Juniper Networks | Junos OS | Junos OS versions 15.1X53 antérieures à 15.1X53-D65 sur QFX10K | ||
| Juniper Networks | Junos OS | Junos OS versions 16.1 antérieures à 16.1R3-S6, 16.1R4-S6 et 16.1R5 | ||
| ESET | Security | Security Director et Log Collector antérieures à 17.2R1 | ||
| Juniper Networks | Junos OS | Junos OS versions 14.2 antérieures à 14.2R7-S9, 14.2R8 |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D232 sur QFX5200/5110",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.1 ant\u00e9rieures \u00e0 17.1R2-S5, 17.1R3 et 17.1R3 sur MX series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F2-S17, 15.1F5-S8, 15.1F6-S8, 15.1R5-S7, 15.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R6 sur MX series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D70, 15.1X53-D231",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1 ant\u00e9rieures \u00e0 14.1R9 sur MX series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R2, 16.2R2-S2, 16.2R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.2 ant\u00e9rieures \u00e0 14.2R8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "CTPView versions 7.1, 7.2 et 7.3.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1F5-S8, 15.1F6-S8, 15.1R5-S6, 15.1R6-S3, 15.1R7, 15.1F6, 15.1R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1R6-S2, 15.1R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R5-S1, 16.1R6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space ant\u00e9rieures \u00e0 17.2R1",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1 ant\u00e9rieures \u00e0 15.1R5-S8, 15.1F6-S9, 15.1R6-S4, 15.1R7 sur MX series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.2 ant\u00e9rieures \u00e0 16.2R3 sur MX series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 versions 15.1X49-D100 et sup\u00e9rieures mais ant\u00e9rieures \u00e0 15.1X49-D121",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53 ant\u00e9rieures \u00e0 14.1X53-D40 sur QFX, EX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.2 ant\u00e9rieures \u00e0 14.2R8 sur MX series",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46 ant\u00e9rieures \u00e0 12.1X46-D71",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X49 ant\u00e9rieures \u00e0 15.1X49-D110 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "ScreenOS toutes versions sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1X65 ant\u00e9rieures \u00e0 16.1X65-D45",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1 ant\u00e9rieures \u00e0 14.1R8-S5, 14.1R9",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D55 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1R5-S4, 15.1R5-S5 et 15.1R6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.1X46 ant\u00e9rieures \u00e0 12.1X46-D71 sur SRX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3 ant\u00e9rieures \u00e0 12.3R12-S7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.1X53 ant\u00e9rieures \u00e0 14.1X53-D46, 14.1X53-D50 et 14.1X53-D107",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3R ant\u00e9rieures \u00e0 12.3R12-S7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 ant\u00e9rieures \u00e0 12.3X48-D55",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3R12 ant\u00e9rieures \u00e0 12.3R12-S7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 12.3X48 versions 12.3X48-D55 et sup\u00e9rieures mais ant\u00e9rieures \u00e0 12.3X48-D65",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 17.2X75 ant\u00e9rieures \u00e0 17.2X75-D50",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D49, 15.1X53-D470 sur NFX",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 15.1X53 ant\u00e9rieures \u00e0 15.1X53-D65 sur QFX10K",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos OS versions 16.1 ant\u00e9rieures \u00e0 16.1R3-S6, 16.1R4-S6 et 16.1R5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Security Director et Log Collector ant\u00e9rieures \u00e0 17.2R1",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "Junos OS versions 14.2 ant\u00e9rieures \u00e0 14.2R7-S9, 14.2R8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"name": "CVE-2017-14106",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-14106"
},
{
"name": "CVE-2018-0002",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0002"
},
{
"name": "CVE-2015-5600",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5600"
},
{
"name": "CVE-2018-0008",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0008"
},
{
"name": "CVE-2015-6563",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-6563"
},
{
"name": "CVE-2018-0013",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0013"
},
{
"name": "CVE-2015-6564",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-6564"
},
{
"name": "CVE-2015-7236",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7236"
},
{
"name": "CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"name": "CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"name": "CVE-2018-0011",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0011"
},
{
"name": "CVE-2016-2141",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2141"
},
{
"name": "CVE-2015-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-7501"
},
{
"name": "CVE-2015-5304",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5304"
},
{
"name": "CVE-2018-0012",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0012"
},
{
"name": "CVE-2018-0003",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0003"
},
{
"name": "CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"name": "CVE-2015-5174",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5174"
},
{
"name": "CVE-2017-1000112",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000112"
},
{
"name": "CVE-2016-8858",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8858"
},
{
"name": "CVE-2017-5664",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5664"
},
{
"name": "CVE-2017-1000111",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000111"
},
{
"name": "CVE-2017-6074",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-6074"
},
{
"name": "CVE-2017-5645",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-5645"
},
{
"name": "CVE-2018-0010",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0010"
},
{
"name": "CVE-2018-0005",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0005"
},
{
"name": "CVE-2018-0007",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0007"
},
{
"name": "CVE-2016-8655",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8655"
},
{
"name": "CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"name": "CVE-2015-5188",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5188"
},
{
"name": "CVE-2018-0009",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0009"
},
{
"name": "CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"name": "CVE-2018-0004",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0004"
},
{
"name": "CVE-2018-0014",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0014"
},
{
"name": "CVE-2017-2634",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-2634"
},
{
"name": "CVE-2016-8743",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8743"
},
{
"name": "CVE-2015-5220",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-5220"
},
{
"name": "CVE-2018-0006",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0006"
},
{
"name": "CVE-2018-0001",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-0001"
}
],
"links": [],
"reference": "CERTFR-2018-AVI-026",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2018-01-11T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits\nJuniper. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer\nune ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0\ndistance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10838 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10838\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10831 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10831\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10835 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10835\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10833 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10833\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10837 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10837\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10841 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10841\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10828 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10828\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10834 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10834\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10829 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10829\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10836 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10836\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10839 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10839\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10830 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10830\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10832 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10832\u0026cat=SIRT_1\u0026actp=LIST"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10840 du 10 janvier 2018",
"url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10840\u0026cat=SIRT_1\u0026actp=LIST"
}
]
}
CERTFR-2017-AVI-385
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Apple . Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Apple | N/A | iOS versions antérieures à 11.1 | ||
| Apple | N/A | watchOS versions antérieures à 4.1 | ||
| Apple | macOS | macOS Sierra versions sans le correctif de sécurité 2017-001 | ||
| Apple | N/A | tvOS versions antérieures à 11.1 | ||
| Apple | macOS | macOS El Capitan sans le correctif de sécurité 2017-004 | ||
| Apple | N/A | iTunes versions antérieures à 12.7.1 sur Windows | ||
| Apple | N/A | iCloud pour Windows versions antérieures à 7.1 | ||
| Apple | Safari | Safari versions antérieures à 11.0.1 | ||
| Apple | macOS | macOS High Sierra versions antérieures à 10.13.1 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "iOS versions ant\u00e9rieures \u00e0 11.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "watchOS versions ant\u00e9rieures \u00e0 4.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS Sierra versions sans le correctif de s\u00e9curit\u00e9 2017-001",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "tvOS versions ant\u00e9rieures \u00e0 11.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS El Capitan sans le correctif de s\u00e9curit\u00e9 2017-004",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iTunes versions ant\u00e9rieures \u00e0 12.7.1 sur Windows",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "iCloud pour Windows versions ant\u00e9rieures \u00e0 7.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "Safari versions ant\u00e9rieures \u00e0 11.0.1",
"product": {
"name": "Safari",
"vendor": {
"name": "Apple",
"scada": false
}
}
},
{
"description": "macOS High Sierra versions ant\u00e9rieures \u00e0 10.13.1",
"product": {
"name": "macOS",
"vendor": {
"name": "Apple",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2017-13802",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13802"
},
{
"name": "CVE-2017-13818",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13818"
},
{
"name": "CVE-2017-13052",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13052"
},
{
"name": "CVE-2017-12993",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12993"
},
{
"name": "CVE-2017-13018",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13018"
},
{
"name": "CVE-2017-13043",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13043"
},
{
"name": "CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"name": "CVE-2017-9789",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9789"
},
{
"name": "CVE-2017-7659",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7659"
},
{
"name": "CVE-2016-4736",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-4736"
},
{
"name": "CVE-2017-13050",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13050"
},
{
"name": "CVE-2017-13816",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13816"
},
{
"name": "CVE-2017-13798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13798"
},
{
"name": "CVE-2017-11108",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11108"
},
{
"name": "CVE-2017-13017",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13017"
},
{
"name": "CVE-2017-13831",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13831"
},
{
"name": "CVE-2017-11543",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11543"
},
{
"name": "CVE-2017-13790",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13790"
},
{
"name": "CVE-2017-13000",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13000"
},
{
"name": "CVE-2017-13807",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13807"
},
{
"name": "CVE-2017-13843",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13843"
},
{
"name": "CVE-2017-13055",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13055"
},
{
"name": "CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"name": "CVE-2017-13041",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13041"
},
{
"name": "CVE-2017-12902",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12902"
},
{
"name": "CVE-2017-13834",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13834"
},
{
"name": "CVE-2017-13007",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13007"
},
{
"name": "CVE-2017-13687",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13687"
},
{
"name": "CVE-2017-13078",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13078"
},
{
"name": "CVE-2017-12986",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12986"
},
{
"name": "CVE-2017-13821",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13821"
},
{
"name": "CVE-2017-13033",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13033"
},
{
"name": "CVE-2017-13817",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13817"
},
{
"name": "CVE-2017-13799",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13799"
},
{
"name": "CVE-2017-12901",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12901"
},
{
"name": "CVE-2017-13832",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13832"
},
{
"name": "CVE-2017-13011",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13011"
},
{
"name": "CVE-2017-13046",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13046"
},
{
"name": "CVE-2017-13840",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13840"
},
{
"name": "CVE-2017-12897",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12897"
},
{
"name": "CVE-2017-13809",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13809"
},
{
"name": "CVE-2017-13822",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13822"
},
{
"name": "CVE-2017-7113",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7113"
},
{
"name": "CVE-2017-13800",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13800"
},
{
"name": "CVE-2017-13786",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13786"
},
{
"name": "CVE-2017-13003",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13003"
},
{
"name": "CVE-2017-13815",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13815"
},
{
"name": "CVE-2017-13013",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13013"
},
{
"name": "CVE-2017-13001",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13001"
},
{
"name": "CVE-2017-13009",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13009"
},
{
"name": "CVE-2017-1000101",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000101"
},
{
"name": "CVE-2016-8740",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8740"
},
{
"name": "CVE-2017-13048",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13048"
},
{
"name": "CVE-2017-13054",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13054"
},
{
"name": "CVE-2017-13038",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13038"
},
{
"name": "CVE-2017-13841",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13841"
},
{
"name": "CVE-2017-13010",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13010"
},
{
"name": "CVE-2017-12990",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12990"
},
{
"name": "CVE-2017-13783",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13783"
},
{
"name": "CVE-2017-13047",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13047"
},
{
"name": "CVE-2017-12991",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12991"
},
{
"name": "CVE-2017-13805",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13805"
},
{
"name": "CVE-2017-13811",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13811"
},
{
"name": "CVE-2017-13849",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13849"
},
{
"name": "CVE-2017-13032",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13032"
},
{
"name": "CVE-2017-13801",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13801"
},
{
"name": "CVE-2017-13051",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13051"
},
{
"name": "CVE-2017-13036",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13036"
},
{
"name": "CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"name": "CVE-2017-13844",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13844"
},
{
"name": "CVE-2016-2161",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2161"
},
{
"name": "CVE-2017-13795",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13795"
},
{
"name": "CVE-2017-13690",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13690"
},
{
"name": "CVE-2017-13838",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13838"
},
{
"name": "CVE-2017-11542",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11542"
},
{
"name": "CVE-2017-13842",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13842"
},
{
"name": "CVE-2017-12997",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12997"
},
{
"name": "CVE-2017-13045",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13045"
},
{
"name": "CVE-2017-13026",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13026"
},
{
"name": "CVE-2017-13785",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13785"
},
{
"name": "CVE-2016-5387",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-5387"
},
{
"name": "CVE-2017-13796",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13796"
},
{
"name": "CVE-2017-13782",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13782"
},
{
"name": "CVE-2017-13784",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13784"
},
{
"name": "CVE-2017-13042",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13042"
},
{
"name": "CVE-2017-12992",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12992"
},
{
"name": "CVE-2017-13027",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13027"
},
{
"name": "CVE-2017-13034",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13034"
},
{
"name": "CVE-2017-13794",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13794"
},
{
"name": "CVE-2017-13015",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13015"
},
{
"name": "CVE-2017-13725",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13725"
},
{
"name": "CVE-2017-13819",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13819"
},
{
"name": "CVE-2017-13044",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13044"
},
{
"name": "CVE-2017-12900",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12900"
},
{
"name": "CVE-2017-12994",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12994"
},
{
"name": "CVE-2017-12998",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12998"
},
{
"name": "CVE-2017-13029",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13029"
},
{
"name": "CVE-2017-13037",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13037"
},
{
"name": "CVE-2017-13788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13788"
},
{
"name": "CVE-2017-7132",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7132"
},
{
"name": "CVE-2017-13810",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13810"
},
{
"name": "CVE-2017-13039",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13039"
},
{
"name": "CVE-2017-13791",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13791"
},
{
"name": "CVE-2017-13023",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13023"
},
{
"name": "CVE-2017-13020",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13020"
},
{
"name": "CVE-2017-13021",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13021"
},
{
"name": "CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"name": "CVE-2017-12896",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12896"
},
{
"name": "CVE-2017-13824",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13824"
},
{
"name": "CVE-2017-13049",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13049"
},
{
"name": "CVE-2017-12999",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12999"
},
{
"name": "CVE-2017-13836",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13836"
},
{
"name": "CVE-2017-13823",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13823"
},
{
"name": "CVE-2017-13846",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13846"
},
{
"name": "CVE-2017-12988",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12988"
},
{
"name": "CVE-2017-13789",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13789"
},
{
"name": "CVE-2017-12985",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12985"
},
{
"name": "CVE-2017-12899",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12899"
},
{
"name": "CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"name": "CVE-2017-13014",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13014"
},
{
"name": "CVE-2017-12894",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12894"
},
{
"name": "CVE-2017-13804",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13804"
},
{
"name": "CVE-2017-13024",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13024"
},
{
"name": "CVE-2017-13004",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13004"
},
{
"name": "CVE-2017-12996",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12996"
},
{
"name": "CVE-2017-13830",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13830"
},
{
"name": "CVE-2017-12893",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12893"
},
{
"name": "CVE-2017-13019",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13019"
},
{
"name": "CVE-2017-13030",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13030"
},
{
"name": "CVE-2017-13808",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13808"
},
{
"name": "CVE-2017-13813",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13813"
},
{
"name": "CVE-2017-1000100",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-1000100"
},
{
"name": "CVE-2017-13053",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13053"
},
{
"name": "CVE-2017-13040",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13040"
},
{
"name": "CVE-2017-13689",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13689"
},
{
"name": "CVE-2017-11103",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11103"
},
{
"name": "CVE-2017-13005",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13005"
},
{
"name": "CVE-2017-13793",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13793"
},
{
"name": "CVE-2017-13814",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13814"
},
{
"name": "CVE-2017-12987",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12987"
},
{
"name": "CVE-2017-13826",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13826"
},
{
"name": "CVE-2017-11541",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-11541"
},
{
"name": "CVE-2017-13025",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13025"
},
{
"name": "CVE-2017-13828",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13828"
},
{
"name": "CVE-2017-13688",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13688"
},
{
"name": "CVE-2017-13820",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13820"
},
{
"name": "CVE-2017-12995",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12995"
},
{
"name": "CVE-2017-13792",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13792"
},
{
"name": "CVE-2017-13031",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13031"
},
{
"name": "CVE-2017-13028",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13028"
},
{
"name": "CVE-2017-13825",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13825"
},
{
"name": "CVE-2016-8743",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-8743"
},
{
"name": "CVE-2017-13803",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13803"
},
{
"name": "CVE-2017-13006",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13006"
},
{
"name": "CVE-2017-12895",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12895"
},
{
"name": "CVE-2017-13812",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13812"
},
{
"name": "CVE-2017-13022",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13022"
},
{
"name": "CVE-2017-13012",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13012"
},
{
"name": "CVE-2017-13002",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13002"
},
{
"name": "CVE-2017-13035",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13035"
},
{
"name": "CVE-2017-12989",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12989"
},
{
"name": "CVE-2017-13077",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13077"
},
{
"name": "CVE-2017-13016",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13016"
},
{
"name": "CVE-2017-13080",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13080"
},
{
"name": "CVE-2017-12898",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12898"
},
{
"name": "CVE-2017-13008",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-13008"
}
],
"links": [],
"reference": "CERTFR-2017-AVI-385",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2017-11-02T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Apple\n. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance\net un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Apple",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208225 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208225"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208222 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208222"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208219 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208219"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208223 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208223"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208220 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208220"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208221 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208221"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Apple HT208224 du 31 octobre 2017",
"url": "https://support.apple.com/en-us/HT208224"
}
]
}
GSD-2017-7679
Vulnerability from gsd - Updated: 2023-12-13 01:21Details
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-7679",
"description": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.",
"id": "GSD-2017-7679",
"references": [
"https://www.suse.com/security/cve/CVE-2017-7679.html",
"https://www.debian.org/security/2017/dsa-3896",
"https://access.redhat.com/errata/RHSA-2017:3477",
"https://access.redhat.com/errata/RHSA-2017:3476",
"https://access.redhat.com/errata/RHSA-2017:3475",
"https://access.redhat.com/errata/RHSA-2017:3195",
"https://access.redhat.com/errata/RHSA-2017:3194",
"https://access.redhat.com/errata/RHSA-2017:3193",
"https://access.redhat.com/errata/RHSA-2017:2483",
"https://access.redhat.com/errata/RHSA-2017:2479",
"https://access.redhat.com/errata/RHSA-2017:2478",
"https://ubuntu.com/security/CVE-2017-7679",
"https://advisories.mageia.org/CVE-2017-7679.html",
"https://security.archlinux.org/CVE-2017-7679",
"https://alas.aws.amazon.com/cve/html/CVE-2017-7679.html",
"https://linux.oracle.com/cve/CVE-2017-7679.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-7679"
],
"details": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.",
"id": "GSD-2017-7679",
"modified": "2023-12-13T01:21:06.560931Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2017-7679",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
{
"version_value": "2.2.0 to 2.2.32"
},
{
"version_value": "2.4.0 to 2.4.25"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Buffer Overread (CWE-126)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT208221",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208221"
},
{
"name": "RHSA-2017:2479",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
},
{
"name": "RHSA-2017:2483",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
},
{
"name": "https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679",
"refsource": "MISC",
"url": "https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180601-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180601-0002/"
},
{
"name": "https://www.nomachine.com/SU08O00185",
"refsource": "CONFIRM",
"url": "https://www.nomachine.com/SU08O00185"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us"
},
{
"name": "RHSA-2017:3475",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
},
{
"name": "[dev] 20170619 CVE-2017-7679: mod_mime buffer overread",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751@%3Cdev.httpd.apache.org%3E"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03821en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03821en_us"
},
{
"name": "RHSA-2017:3195",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "99170",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99170"
},
{
"name": "RHSA-2017:3476",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
},
{
"name": "RHSA-2017:3477",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
},
{
"name": "DSA-3896",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3896"
},
{
"name": "RHSA-2017:3194",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"name": "RHSA-2017:3193",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"name": "1038711",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038711"
},
{
"name": "GLSA-201710-32",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201710-32"
},
{
"name": "RHSA-2017:2478",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "https://www.tenable.com/security/tns-2019-09",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2019-09"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [11/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [11/13] - /httpd/site/trunk/content/security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [11/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.4.26",
"versionStartIncluding": "2.4.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.33",
"versionStartIncluding": "2.2.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2017-7679"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[dev] 20170619 CVE-2017-7679: mod_mime buffer overread",
"refsource": "MLIST",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751@%3Cdev.httpd.apache.org%3E"
},
{
"name": "99170",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99170"
},
{
"name": "1038711",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038711"
},
{
"name": "https://www.nomachine.com/SU08O00185",
"refsource": "CONFIRM",
"tags": [
"Mitigation",
"Third Party Advisory"
],
"url": "https://www.nomachine.com/SU08O00185"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "GLSA-201710-32",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201710-32"
},
{
"name": "DSA-3896",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3896"
},
{
"name": "https://support.apple.com/HT208221",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT208221"
},
{
"name": "RHSA-2017:3195",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"name": "RHSA-2017:3194",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"name": "RHSA-2017:3193",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"name": "RHSA-2017:3477",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
},
{
"name": "RHSA-2017:3476",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
},
{
"name": "RHSA-2017:3475",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
},
{
"name": "RHSA-2017:2483",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
},
{
"name": "RHSA-2017:2479",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
},
{
"name": "RHSA-2017:2478",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
},
{
"name": "https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679",
"refsource": "MISC",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03821en_us",
"refsource": "CONFIRM",
"tags": [],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03821en_us"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180601-0002/",
"refsource": "CONFIRM",
"tags": [],
"url": "https://security.netapp.com/advisory/ntap-20180601-0002/"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us",
"refsource": "CONFIRM",
"tags": [],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "https://www.tenable.com/security/tns-2019-09",
"refsource": "CONFIRM",
"tags": [],
"url": "https://www.tenable.com/security/tns-2019-09"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [11/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [11/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [11/13] - /httpd/site/trunk/content/security/json/",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": true,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2021-06-06T11:15Z",
"publishedDate": "2017-06-20T01:29Z"
}
}
}
CNVD-2017-13907
Vulnerability from cnvd - Published: 2017-07-12
VLAI Severity ?
Title
Apache httpd缓冲区溢出漏洞
Description
Apache httpd是美国阿帕奇(Apache)软件基金会的一款专为现代操作系统开发和维护的开源HTTP服务器。
Apache httpd 2.2.33之前的2.2.x版本和2.4.26之前的2.4.x版本存在安全漏洞。攻击者可利用该漏洞造成缓冲区越边界读取。
Severity
高
Patch Name
Apache httpd缓冲区溢出漏洞的补丁
Patch Description
Apache httpd是美国阿帕奇(Apache)软件基金会的一款专为现代操作系统开发和维护的开源HTTP服务器。
Apache httpd 2.2.33之前的2.2.x版本和2.4.26之前的2.4.x版本存在安全漏洞。攻击者可利用该漏洞造成缓冲区越边界读取。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
目前厂商已发布升级补丁以修复漏洞,补丁获取链接: https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751
Reference
http://www.securityfocus.com/bid/99170
Impacted products
| Name | ['Apache httpd 2.2.x,<2.2.33', 'Apache httpd 2.4.x,<2.4.26'] |
|---|
{
"bids": {
"bid": {
"bidNumber": "99170"
}
},
"cves": {
"cve": {
"cveNumber": "CVE-2017-7679"
}
},
"description": "Apache httpd\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u4e13\u4e3a\u73b0\u4ee3\u64cd\u4f5c\u7cfb\u7edf\u5f00\u53d1\u548c\u7ef4\u62a4\u7684\u5f00\u6e90HTTP\u670d\u52a1\u5668\u3002\r\n\r\nApache httpd 2.2.33\u4e4b\u524d\u76842.2.x\u7248\u672c\u548c2.4.26\u4e4b\u524d\u76842.4.x\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u7f13\u51b2\u533a\u8d8a\u8fb9\u754c\u8bfb\u53d6\u3002",
"discovererName": "ChenQin and Hanno Bock",
"formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2017-13907",
"openTime": "2017-07-12",
"patchDescription": "Apache httpd\u662f\u7f8e\u56fd\u963f\u5e15\u5947\uff08Apache\uff09\u8f6f\u4ef6\u57fa\u91d1\u4f1a\u7684\u4e00\u6b3e\u4e13\u4e3a\u73b0\u4ee3\u64cd\u4f5c\u7cfb\u7edf\u5f00\u53d1\u548c\u7ef4\u62a4\u7684\u5f00\u6e90HTTP\u670d\u52a1\u5668\u3002\r\n\r\nApache httpd 2.2.33\u4e4b\u524d\u76842.2.x\u7248\u672c\u548c2.4.26\u4e4b\u524d\u76842.4.x\u7248\u672c\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u7f13\u51b2\u533a\u8d8a\u8fb9\u754c\u8bfb\u53d6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Apache httpd\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
"products": {
"product": [
"Apache httpd 2.2.x\uff0c\u003c2.2.33",
"Apache httpd 2.4.x\uff0c\u003c2.4.26"
]
},
"referenceLink": "http://www.securityfocus.com/bid/99170",
"serverity": "\u9ad8",
"submitTime": "2017-06-22",
"title": "Apache httpd\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}
GHSA-V946-67FG-G8XG
Vulnerability from github – Published: 2022-05-13 01:09 – Updated: 2025-04-20 03:39
VLAI?
Details
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.
Severity ?
9.8 (Critical)
{
"affected": [],
"aliases": [
"CVE-2017-7679"
],
"database_specific": {
"cwe_ids": [
"CWE-119",
"CWE-126"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-06-20T01:29:00Z",
"severity": "CRITICAL"
},
"details": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header.",
"id": "GHSA-v946-67fg-g8xg",
"modified": "2025-04-20T03:39:24Z",
"published": "2022-05-13T01:09:42Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201710-32"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20180601-0002"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT208221"
},
{
"type": "WEB",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03821en_us"
},
{
"type": "WEB",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us"
},
{
"type": "WEB",
"url": "https://www.nomachine.com/SU08O00185"
},
{
"type": "WEB",
"url": "https://www.tenable.com/security/tns-2019-09"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
},
{
"type": "WEB",
"url": "https://github.com/gottburgm/Exploits/tree/master/CVE-2017-7679"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751%40%3Cdev.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751@%3Cdev.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2017/dsa-3896"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/99170"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1038711"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
WID-SEC-W-2025-0370
Vulnerability from csaf_certbund - Published: 2017-09-25 22:00 - Updated: 2025-02-13 23:00Summary
Apple Mac OS: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Apple Mac OS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstelle in Apple Mac OS ausnutzen, um Code mit Kernel Privilegien auszuführen, Sicherheitsvorkehrungen zu umgehen, einen Denial of Service Angriff durchzuführen oder vertrauliche Daten einzusehen.
Betroffene Betriebssysteme
- MacOS X
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Apple Mac OS ist ein Betriebssystem, das auf FreeBSD und Mach basiert.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstelle in Apple Mac OS ausnutzen, um Code mit Kernel Privilegien auszuf\u00fchren, Sicherheitsvorkehrungen zu umgehen, einen Denial of Service Angriff durchzuf\u00fchren oder vertrauliche Daten einzusehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- MacOS X",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-0370 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2017/wid-sec-w-2025-0370.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-0370 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0370"
},
{
"category": "external",
"summary": "Apple Security Advisory HT208144 vom 2017-09-25",
"url": "https://support.apple.com/de-de/HT208144"
},
{
"category": "external",
"summary": "Updated Apple Security Advisory HT208144 vom 2017-10-31",
"url": "https://lists.apple.com/archives/security-announce/2017/Oct/msg00007.html"
},
{
"category": "external",
"summary": "Updated Apple Security Advisory HT208144 vom 2017-10-31",
"url": "https://lists.apple.com/archives/security-announce/2017/Oct/msg00001.html"
}
],
"source_lang": "en-US",
"title": "Apple Mac OS: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-02-13T23:00:00.000+00:00",
"generator": {
"date": "2025-02-14T12:00:12.636+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.12"
}
},
"id": "WID-SEC-W-2025-0370",
"initial_release_date": "2017-09-25T22:00:00.000+00:00",
"revision_history": [
{
"date": "2017-09-25T22:00:00.000+00:00",
"number": "1",
"summary": "Initial Release"
},
{
"date": "2017-10-31T23:00:00.000+00:00",
"number": "2",
"summary": "cve added"
},
{
"date": "2017-10-31T23:00:00.000+00:00",
"number": "3",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-10-31T23:00:00.000+00:00",
"number": "4",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-11-21T23:00:00.000+00:00",
"number": "5",
"summary": "cve added"
},
{
"date": "2017-11-21T23:00:00.000+00:00",
"number": "6",
"summary": "Version nicht vorhanden"
},
{
"date": "2017-12-13T23:00:00.000+00:00",
"number": "7",
"summary": "New remediations available"
},
{
"date": "2025-02-13T23:00:00.000+00:00",
"number": "8",
"summary": "Korrektur"
}
],
"status": "final",
"version": "8"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.13",
"product": {
"name": "Apple macOS \u003c10.13",
"product_id": "T010822"
}
},
{
"category": "product_version",
"name": "10.13",
"product": {
"name": "Apple macOS 10.13",
"product_id": "T010822-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:apple:mac_os:10.13"
}
}
}
],
"category": "product_name",
"name": "macOS"
}
],
"category": "vendor",
"name": "Apple"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2016-0736",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-0736"
},
{
"cve": "CVE-2016-2161",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-2161"
},
{
"cve": "CVE-2016-4736",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-4736"
},
{
"cve": "CVE-2016-5387",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-5387"
},
{
"cve": "CVE-2016-8740",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-8740"
},
{
"cve": "CVE-2016-8743",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-8743"
},
{
"cve": "CVE-2016-9042",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-9042"
},
{
"cve": "CVE-2016-9063",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-9063"
},
{
"cve": "CVE-2016-9840",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-9840"
},
{
"cve": "CVE-2016-9841",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-9841"
},
{
"cve": "CVE-2016-9842",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-9842"
},
{
"cve": "CVE-2016-9843",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2016-9843"
},
{
"cve": "CVE-2017-0381",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-0381"
},
{
"cve": "CVE-2017-1000100",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-1000100"
},
{
"cve": "CVE-2017-1000101",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-1000101"
},
{
"cve": "CVE-2017-1000373",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-1000373"
},
{
"cve": "CVE-2017-10140",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-10140"
},
{
"cve": "CVE-2017-10989",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-10989"
},
{
"cve": "CVE-2017-11103",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-11103"
},
{
"cve": "CVE-2017-11108",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-11108"
},
{
"cve": "CVE-2017-11541",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-11541"
},
{
"cve": "CVE-2017-11542",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-11542"
},
{
"cve": "CVE-2017-11543",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-11543"
},
{
"cve": "CVE-2017-12893",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12893"
},
{
"cve": "CVE-2017-12894",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12894"
},
{
"cve": "CVE-2017-12895",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12895"
},
{
"cve": "CVE-2017-12896",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12896"
},
{
"cve": "CVE-2017-12897",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12897"
},
{
"cve": "CVE-2017-12898",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12898"
},
{
"cve": "CVE-2017-12899",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12899"
},
{
"cve": "CVE-2017-12900",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12900"
},
{
"cve": "CVE-2017-12901",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12901"
},
{
"cve": "CVE-2017-12902",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12902"
},
{
"cve": "CVE-2017-12985",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12985"
},
{
"cve": "CVE-2017-12986",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12986"
},
{
"cve": "CVE-2017-12987",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12987"
},
{
"cve": "CVE-2017-12988",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12988"
},
{
"cve": "CVE-2017-12989",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12989"
},
{
"cve": "CVE-2017-12990",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12990"
},
{
"cve": "CVE-2017-12991",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12991"
},
{
"cve": "CVE-2017-12992",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12992"
},
{
"cve": "CVE-2017-12993",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12993"
},
{
"cve": "CVE-2017-12994",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12994"
},
{
"cve": "CVE-2017-12995",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12995"
},
{
"cve": "CVE-2017-12996",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12996"
},
{
"cve": "CVE-2017-12997",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12997"
},
{
"cve": "CVE-2017-12998",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12998"
},
{
"cve": "CVE-2017-12999",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-12999"
},
{
"cve": "CVE-2017-13000",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13000"
},
{
"cve": "CVE-2017-13001",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13001"
},
{
"cve": "CVE-2017-13002",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13002"
},
{
"cve": "CVE-2017-13003",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13003"
},
{
"cve": "CVE-2017-13004",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13004"
},
{
"cve": "CVE-2017-13005",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13005"
},
{
"cve": "CVE-2017-13006",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13006"
},
{
"cve": "CVE-2017-13007",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13007"
},
{
"cve": "CVE-2017-13008",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13008"
},
{
"cve": "CVE-2017-13009",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13009"
},
{
"cve": "CVE-2017-13010",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13010"
},
{
"cve": "CVE-2017-13011",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13011"
},
{
"cve": "CVE-2017-13012",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13012"
},
{
"cve": "CVE-2017-13013",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13013"
},
{
"cve": "CVE-2017-13014",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13014"
},
{
"cve": "CVE-2017-13015",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13015"
},
{
"cve": "CVE-2017-13016",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13016"
},
{
"cve": "CVE-2017-13017",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13017"
},
{
"cve": "CVE-2017-13018",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13018"
},
{
"cve": "CVE-2017-13019",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13019"
},
{
"cve": "CVE-2017-13020",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13020"
},
{
"cve": "CVE-2017-13021",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13021"
},
{
"cve": "CVE-2017-13022",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13022"
},
{
"cve": "CVE-2017-13023",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13023"
},
{
"cve": "CVE-2017-13024",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13024"
},
{
"cve": "CVE-2017-13025",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13025"
},
{
"cve": "CVE-2017-13026",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13026"
},
{
"cve": "CVE-2017-13027",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13027"
},
{
"cve": "CVE-2017-13028",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13028"
},
{
"cve": "CVE-2017-13029",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13029"
},
{
"cve": "CVE-2017-13030",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13030"
},
{
"cve": "CVE-2017-13031",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13031"
},
{
"cve": "CVE-2017-13032",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13032"
},
{
"cve": "CVE-2017-13033",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13033"
},
{
"cve": "CVE-2017-13034",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13034"
},
{
"cve": "CVE-2017-13035",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13035"
},
{
"cve": "CVE-2017-13036",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13036"
},
{
"cve": "CVE-2017-13037",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13037"
},
{
"cve": "CVE-2017-13038",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13038"
},
{
"cve": "CVE-2017-13039",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13039"
},
{
"cve": "CVE-2017-13040",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13040"
},
{
"cve": "CVE-2017-13041",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13041"
},
{
"cve": "CVE-2017-13042",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13042"
},
{
"cve": "CVE-2017-13043",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13043"
},
{
"cve": "CVE-2017-13044",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13044"
},
{
"cve": "CVE-2017-13045",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13045"
},
{
"cve": "CVE-2017-13046",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13046"
},
{
"cve": "CVE-2017-13047",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13047"
},
{
"cve": "CVE-2017-13048",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13048"
},
{
"cve": "CVE-2017-13049",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13049"
},
{
"cve": "CVE-2017-13050",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13050"
},
{
"cve": "CVE-2017-13051",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13051"
},
{
"cve": "CVE-2017-13052",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13052"
},
{
"cve": "CVE-2017-13053",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13053"
},
{
"cve": "CVE-2017-13054",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13054"
},
{
"cve": "CVE-2017-13055",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13055"
},
{
"cve": "CVE-2017-13077",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13077"
},
{
"cve": "CVE-2017-13078",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13078"
},
{
"cve": "CVE-2017-13080",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13080"
},
{
"cve": "CVE-2017-13687",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13687"
},
{
"cve": "CVE-2017-13688",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13688"
},
{
"cve": "CVE-2017-13689",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13689"
},
{
"cve": "CVE-2017-13690",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13690"
},
{
"cve": "CVE-2017-13725",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13725"
},
{
"cve": "CVE-2017-13782",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13782"
},
{
"cve": "CVE-2017-13786",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13786"
},
{
"cve": "CVE-2017-13799",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13799"
},
{
"cve": "CVE-2017-13800",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13800"
},
{
"cve": "CVE-2017-13801",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13801"
},
{
"cve": "CVE-2017-13804",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13804"
},
{
"cve": "CVE-2017-13807",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13807"
},
{
"cve": "CVE-2017-13808",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13808"
},
{
"cve": "CVE-2017-13809",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13809"
},
{
"cve": "CVE-2017-13810",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13810"
},
{
"cve": "CVE-2017-13811",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13811"
},
{
"cve": "CVE-2017-13812",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13812"
},
{
"cve": "CVE-2017-13813",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13813"
},
{
"cve": "CVE-2017-13814",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13814"
},
{
"cve": "CVE-2017-13815",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13815"
},
{
"cve": "CVE-2017-13816",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13816"
},
{
"cve": "CVE-2017-13817",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13817"
},
{
"cve": "CVE-2017-13818",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13818"
},
{
"cve": "CVE-2017-13819",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13819"
},
{
"cve": "CVE-2017-13820",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13820"
},
{
"cve": "CVE-2017-13821",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13821"
},
{
"cve": "CVE-2017-13822",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13822"
},
{
"cve": "CVE-2017-13823",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13823"
},
{
"cve": "CVE-2017-13824",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13824"
},
{
"cve": "CVE-2017-13825",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13825"
},
{
"cve": "CVE-2017-13826",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13826"
},
{
"cve": "CVE-2017-13827",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13827"
},
{
"cve": "CVE-2017-13828",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13828"
},
{
"cve": "CVE-2017-13829",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13829"
},
{
"cve": "CVE-2017-13830",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13830"
},
{
"cve": "CVE-2017-13831",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13831"
},
{
"cve": "CVE-2017-13832",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13832"
},
{
"cve": "CVE-2017-13833",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13833"
},
{
"cve": "CVE-2017-13834",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13834"
},
{
"cve": "CVE-2017-13836",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13836"
},
{
"cve": "CVE-2017-13837",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13837"
},
{
"cve": "CVE-2017-13838",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13838"
},
{
"cve": "CVE-2017-13839",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13839"
},
{
"cve": "CVE-2017-13840",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13840"
},
{
"cve": "CVE-2017-13841",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13841"
},
{
"cve": "CVE-2017-13842",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13842"
},
{
"cve": "CVE-2017-13843",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13843"
},
{
"cve": "CVE-2017-13846",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13846"
},
{
"cve": "CVE-2017-13851",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13851"
},
{
"cve": "CVE-2017-13854",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-13854"
},
{
"cve": "CVE-2017-3167",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-3167"
},
{
"cve": "CVE-2017-3169",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-3169"
},
{
"cve": "CVE-2017-6451",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-6451"
},
{
"cve": "CVE-2017-6452",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-6452"
},
{
"cve": "CVE-2017-6455",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-6455"
},
{
"cve": "CVE-2017-6458",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-6458"
},
{
"cve": "CVE-2017-6459",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-6459"
},
{
"cve": "CVE-2017-6460",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-6460"
},
{
"cve": "CVE-2017-6462",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-6462"
},
{
"cve": "CVE-2017-6463",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-6463"
},
{
"cve": "CVE-2017-6464",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-6464"
},
{
"cve": "CVE-2017-7074",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7074"
},
{
"cve": "CVE-2017-7077",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7077"
},
{
"cve": "CVE-2017-7078",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7078"
},
{
"cve": "CVE-2017-7080",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7080"
},
{
"cve": "CVE-2017-7082",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7082"
},
{
"cve": "CVE-2017-7083",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7083"
},
{
"cve": "CVE-2017-7084",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7084"
},
{
"cve": "CVE-2017-7086",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7086"
},
{
"cve": "CVE-2017-7114",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7114"
},
{
"cve": "CVE-2017-7119",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7119"
},
{
"cve": "CVE-2017-7121",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7121"
},
{
"cve": "CVE-2017-7122",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7122"
},
{
"cve": "CVE-2017-7123",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7123"
},
{
"cve": "CVE-2017-7124",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7124"
},
{
"cve": "CVE-2017-7125",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7125"
},
{
"cve": "CVE-2017-7126",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7126"
},
{
"cve": "CVE-2017-7127",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7127"
},
{
"cve": "CVE-2017-7128",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7128"
},
{
"cve": "CVE-2017-7129",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7129"
},
{
"cve": "CVE-2017-7130",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7130"
},
{
"cve": "CVE-2017-7132",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7132"
},
{
"cve": "CVE-2017-7138",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7138"
},
{
"cve": "CVE-2017-7141",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7141"
},
{
"cve": "CVE-2017-7143",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7143"
},
{
"cve": "CVE-2017-7144",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7144"
},
{
"cve": "CVE-2017-7659",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7659"
},
{
"cve": "CVE-2017-7668",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7668"
},
{
"cve": "CVE-2017-7679",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-7679"
},
{
"cve": "CVE-2017-9233",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-9233"
},
{
"cve": "CVE-2017-9788",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-9788"
},
{
"cve": "CVE-2017-9789",
"product_status": {
"known_affected": [
"T010822"
]
},
"release_date": "2017-09-25T22:00:00.000+00:00",
"title": "CVE-2017-9789"
}
]
}
VAR-201706-1000
Vulnerability from variot - Updated: 2024-07-23 19:42In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header. Apache httpd Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Apache HTTP Server is prone to a buffer-overflow vulnerability. An attacker can exploit this issue to cause denial-of-service conditions. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed. The following versions are vulnerable: Apache HTTP Server 2.2.0 to 2.2.32 Apache HTTP Server 2.4.0 to 2.4.25. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: httpd security update Advisory ID: RHSA-2017:2478-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:2478 Issue date: 2017-08-15 CVE Names: CVE-2017-3167 CVE-2017-3169 CVE-2017-7679 CVE-2017-9788 =====================================================================
- Summary:
An update for httpd is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64
Security Fix(es):
-
It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
-
It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
-
A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
-
A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
-
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the updated packages, the httpd daemon will be restarted automatically.
- Bugs fixed (https://bugzilla.redhat.com/):
1463194 - CVE-2017-3167 httpd: ap_get_basic_auth_pw() authentication bypass 1463197 - CVE-2017-3169 httpd: mod_ssl NULL pointer dereference 1463207 - CVE-2017-7679 httpd: mod_mime buffer overread 1470748 - CVE-2017-9788 httpd: Uninitialized memory reflection in mod_auth_digest
- Package List:
Red Hat Enterprise Linux Desktop (v. 6):
Source: httpd-2.2.15-60.el6_9.5.src.rpm
i386: httpd-2.2.15-60.el6_9.5.i686.rpm httpd-debuginfo-2.2.15-60.el6_9.5.i686.rpm httpd-tools-2.2.15-60.el6_9.5.i686.rpm
x86_64: httpd-2.2.15-60.el6_9.5.x86_64.rpm httpd-debuginfo-2.2.15-60.el6_9.5.x86_64.rpm httpd-tools-2.2.15-60.el6_9.5.x86_64.rpm
Red Hat Enterprise Linux Desktop Optional (v. 6):
i386: httpd-debuginfo-2.2.15-60.el6_9.5.i686.rpm httpd-devel-2.2.15-60.el6_9.5.i686.rpm mod_ssl-2.2.15-60.el6_9.5.i686.rpm
noarch: httpd-manual-2.2.15-60.el6_9.5.noarch.rpm
x86_64: httpd-debuginfo-2.2.15-60.el6_9.5.i686.rpm httpd-debuginfo-2.2.15-60.el6_9.5.x86_64.rpm httpd-devel-2.2.15-60.el6_9.5.i686.rpm httpd-devel-2.2.15-60.el6_9.5.x86_64.rpm mod_ssl-2.2.15-60.el6_9.5.x86_64.rpm
Red Hat Enterprise Linux HPC Node (v. 6):
Source: httpd-2.2.15-60.el6_9.5.src.rpm
x86_64: httpd-2.2.15-60.el6_9.5.x86_64.rpm httpd-debuginfo-2.2.15-60.el6_9.5.x86_64.rpm httpd-tools-2.2.15-60.el6_9.5.x86_64.rpm
Red Hat Enterprise Linux HPC Node Optional (v. 6):
noarch: httpd-manual-2.2.15-60.el6_9.5.noarch.rpm
x86_64: httpd-debuginfo-2.2.15-60.el6_9.5.i686.rpm httpd-debuginfo-2.2.15-60.el6_9.5.x86_64.rpm httpd-devel-2.2.15-60.el6_9.5.i686.rpm httpd-devel-2.2.15-60.el6_9.5.x86_64.rpm mod_ssl-2.2.15-60.el6_9.5.x86_64.rpm
Red Hat Enterprise Linux Server (v. 6):
Source: httpd-2.2.15-60.el6_9.5.src.rpm
i386: httpd-2.2.15-60.el6_9.5.i686.rpm httpd-debuginfo-2.2.15-60.el6_9.5.i686.rpm httpd-devel-2.2.15-60.el6_9.5.i686.rpm httpd-tools-2.2.15-60.el6_9.5.i686.rpm mod_ssl-2.2.15-60.el6_9.5.i686.rpm
noarch: httpd-manual-2.2.15-60.el6_9.5.noarch.rpm
ppc64: httpd-2.2.15-60.el6_9.5.ppc64.rpm httpd-debuginfo-2.2.15-60.el6_9.5.ppc.rpm httpd-debuginfo-2.2.15-60.el6_9.5.ppc64.rpm httpd-devel-2.2.15-60.el6_9.5.ppc.rpm httpd-devel-2.2.15-60.el6_9.5.ppc64.rpm httpd-tools-2.2.15-60.el6_9.5.ppc64.rpm mod_ssl-2.2.15-60.el6_9.5.ppc64.rpm
s390x: httpd-2.2.15-60.el6_9.5.s390x.rpm httpd-debuginfo-2.2.15-60.el6_9.5.s390.rpm httpd-debuginfo-2.2.15-60.el6_9.5.s390x.rpm httpd-devel-2.2.15-60.el6_9.5.s390.rpm httpd-devel-2.2.15-60.el6_9.5.s390x.rpm httpd-tools-2.2.15-60.el6_9.5.s390x.rpm mod_ssl-2.2.15-60.el6_9.5.s390x.rpm
x86_64: httpd-2.2.15-60.el6_9.5.x86_64.rpm httpd-debuginfo-2.2.15-60.el6_9.5.i686.rpm httpd-debuginfo-2.2.15-60.el6_9.5.x86_64.rpm httpd-devel-2.2.15-60.el6_9.5.i686.rpm httpd-devel-2.2.15-60.el6_9.5.x86_64.rpm httpd-tools-2.2.15-60.el6_9.5.x86_64.rpm mod_ssl-2.2.15-60.el6_9.5.x86_64.rpm
Red Hat Enterprise Linux Workstation (v. 6):
Source: httpd-2.2.15-60.el6_9.5.src.rpm
i386: httpd-2.2.15-60.el6_9.5.i686.rpm httpd-debuginfo-2.2.15-60.el6_9.5.i686.rpm httpd-devel-2.2.15-60.el6_9.5.i686.rpm httpd-tools-2.2.15-60.el6_9.5.i686.rpm mod_ssl-2.2.15-60.el6_9.5.i686.rpm
noarch: httpd-manual-2.2.15-60.el6_9.5.noarch.rpm
x86_64: httpd-2.2.15-60.el6_9.5.x86_64.rpm httpd-debuginfo-2.2.15-60.el6_9.5.i686.rpm httpd-debuginfo-2.2.15-60.el6_9.5.x86_64.rpm httpd-devel-2.2.15-60.el6_9.5.i686.rpm httpd-devel-2.2.15-60.el6_9.5.x86_64.rpm httpd-tools-2.2.15-60.el6_9.5.x86_64.rpm mod_ssl-2.2.15-60.el6_9.5.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2017-3167 https://access.redhat.com/security/cve/CVE-2017-3169 https://access.redhat.com/security/cve/CVE-2017-7679 https://access.redhat.com/security/cve/CVE-2017-9788 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFZkzq3XlSAg2UNWIIRAjxIAJ9JoJcSMguc2VTpgJl2P5BGoM2IrACfXd/8 Jxb2g1bdehw6Jjq0qF13AEM= =ZvYI -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Solution:
The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files). This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as an update to Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
- An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. JIRA issues fixed (https://issues.jboss.org/):
JBCS-402 - Errata for httpd 2.4.23.SP3 RHEL7
-
(CVE-2017-7679)
-
A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. (CVE-2017-9798)
Red Hat would like to thank Hanno BAPck for reporting CVE-2017-9798
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201706-1000",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.4.26"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.4.0"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.33"
},
{
"model": "jp1/automatic job management system 3",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- manager web console"
},
{
"model": "jp1/integrated management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- service support starter edition"
},
{
"model": "jp1/it desktop management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "2 - operations director"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "(64)"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "express"
},
{
"model": "tuning manager",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "software"
},
{
"model": "job management partner 1/integrated management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- service support"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional for plug-in"
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- messaging"
},
{
"model": "jp1/integrated management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- service support advanced edition"
},
{
"model": "compute systems manager",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "infrastructure analytics advisor",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "job management partner 1/it desktop management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "2 - smart device manager"
},
{
"model": "jp1/performance management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- web console"
},
{
"model": "tiered storage manager",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "software"
},
{
"model": "ucosminexus developer standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "(64)"
},
{
"model": "httpd",
"scope": "eq",
"trust": 0.8,
"vendor": "apache",
"version": "2.4.26"
},
{
"model": "replication manager",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "software"
},
{
"model": "jp1/performance management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- manager"
},
{
"model": "jp1/it desktop management - manager",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/automatic operation",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "01"
},
{
"model": "global link manager",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "job management partner 1/performance management - web console",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "job management partner 1/it desktop management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "2 - manager"
},
{
"model": "ucosminexus developer light",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "jp1/it desktop management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "2 - smart device manager"
},
{
"model": "application server for developers",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/integrated management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- service support"
},
{
"model": "compute systems manager",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "software"
},
{
"model": "configuration manager",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "st ard-r"
},
{
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base(64)"
},
{
"model": "job management partner 1/integrated management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- service support advanced edition"
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "httpd",
"scope": "eq",
"trust": 0.8,
"vendor": "apache",
"version": "2.2.33"
},
{
"model": "it operations director",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/service support",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "jp1/operations analytics",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "tuning manager",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "cosminexus http server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/service support",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "starter edition"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "-r"
},
{
"model": "jp1/it desktop management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "2 - manager"
},
{
"model": "global link manager",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "software"
},
{
"model": "job management partner 1/it desktop management - manager",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/performance management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- manager web console"
},
{
"model": "spoolserver/winspool series",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "reportfiling ver5.2 ~ 6.2"
},
{
"model": "automation director",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "tiered storage manager",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "ucosminexus application server standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "connexive pf",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "v6.5"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"model": "httpd",
"scope": "lt",
"trust": 0.8,
"vendor": "apache",
"version": "2.2.x"
},
{
"model": "replication manager",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "device manager",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "software"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "ucosminexus application server smart edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "application server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "httpd",
"scope": "lt",
"trust": 0.8,
"vendor": "apache",
"version": "2.4.x"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.4.24"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.4.19"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.4.16"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.4.25"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.4.20"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.4.22"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.4.17"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.4.18"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.4.23"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.6,
"vendor": "apache",
"version": "2.4.21"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "17.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "16.10"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "16.04"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "software collections for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "0"
},
{
"model": "jboss web server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "0"
},
{
"model": "jboss ews",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2"
},
{
"model": "jboss eap",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "jboss core services",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "1"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.52"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.52"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.09"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.033"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.029"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.11"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.9"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.8"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.7"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.11"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.10"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.13"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.12"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.11"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.4.27"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.43"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.39"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.27"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.25"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.21"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.19"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.17"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.15"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.25"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.23"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.20"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.19"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.18"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.17"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.16"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.14"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.12"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.11"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.4"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.26"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.25"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.24"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.23"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.15"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.14"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.13"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.12"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.11"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.10"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.2"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.24"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.2"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.13"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.32"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.29"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.22"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.21"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.20"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.19"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.18"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.17"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.16"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.1"
},
{
"model": "http server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.5"
},
{
"model": "http server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.12"
},
{
"model": "http server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.14"
},
{
"model": "http server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.45"
},
{
"model": "apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.26"
},
{
"model": "2.2.33-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "99170"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005026"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-572"
},
{
"db": "NVD",
"id": "CVE-2017-7679"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.33",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.4.26",
"versionStartIncluding": "2.4.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7679"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "145457"
},
{
"db": "PACKETSTORM",
"id": "143766"
},
{
"db": "PACKETSTORM",
"id": "145455"
},
{
"db": "PACKETSTORM",
"id": "145456"
},
{
"db": "PACKETSTORM",
"id": "144969"
}
],
"trust": 0.5
},
"cve": "CVE-2017-7679",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-7679",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-7679",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-7679",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201704-572",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2017-7679",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-7679"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005026"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-572"
},
{
"db": "NVD",
"id": "CVE-2017-7679"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, mod_mime can read one byte past the end of a buffer when sending a malicious Content-Type response header. Apache httpd Contains a buffer error vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Apache HTTP Server is prone to a buffer-overflow vulnerability. \nAn attacker can exploit this issue to cause denial-of-service conditions. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed. \nThe following versions are vulnerable:\nApache HTTP Server 2.2.0 to 2.2.32\nApache HTTP Server 2.4.0 to 2.4.25. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: httpd security update\nAdvisory ID: RHSA-2017:2478-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://access.redhat.com/errata/RHSA-2017:2478\nIssue date: 2017-08-15\nCVE Names: CVE-2017-3167 CVE-2017-3169 CVE-2017-7679 \n CVE-2017-9788 \n=====================================================================\n\n1. Summary:\n\nAn update for httpd is now available for Red Hat Enterprise Linux 6. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Desktop (v. 6) - i386, x86_64\nRed Hat Enterprise Linux Desktop Optional (v. 6) - i386, noarch, x86_64\nRed Hat Enterprise Linux HPC Node (v. 6) - x86_64\nRed Hat Enterprise Linux HPC Node Optional (v. 6) - noarch, x86_64\nRed Hat Enterprise Linux Server (v. 6) - i386, noarch, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 6) - i386, noarch, x86_64\n\n3. \n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not\nproperly initialize memory before using it when processing certain headers\nrelated to digest authentication. A remote attacker could possibly use this\nflaw to disclose potentially sensitive information or cause httpd child\nprocess to crash by sending specially crafted requests to a server. \n(CVE-2017-9788)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API\nfunction outside of the authentication phase could lead to authentication\nbypass. A remote attacker could possibly use this flaw to bypass required\nauthentication if the API was used incorrectly by one of the modules used\nby httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. \nA remote attacker could use this flaw to cause an httpd child process to\ncrash if another module used by httpd called a certain API function during\nthe processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user\npermitted to modify httpd\u0027s MIME configuration could use this flaw to cause\nhttpd child process to crash. (CVE-2017-7679)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1463194 - CVE-2017-3167 httpd: ap_get_basic_auth_pw() authentication bypass\n1463197 - CVE-2017-3169 httpd: mod_ssl NULL pointer dereference\n1463207 - CVE-2017-7679 httpd: mod_mime buffer overread\n1470748 - CVE-2017-9788 httpd: Uninitialized memory reflection in mod_auth_digest\n\n6. Package List:\n\nRed Hat Enterprise Linux Desktop (v. 6):\n\nSource:\nhttpd-2.2.15-60.el6_9.5.src.rpm\n\ni386:\nhttpd-2.2.15-60.el6_9.5.i686.rpm\nhttpd-debuginfo-2.2.15-60.el6_9.5.i686.rpm\nhttpd-tools-2.2.15-60.el6_9.5.i686.rpm\n\nx86_64:\nhttpd-2.2.15-60.el6_9.5.x86_64.rpm\nhttpd-debuginfo-2.2.15-60.el6_9.5.x86_64.rpm\nhttpd-tools-2.2.15-60.el6_9.5.x86_64.rpm\n\nRed Hat Enterprise Linux Desktop Optional (v. 6):\n\ni386:\nhttpd-debuginfo-2.2.15-60.el6_9.5.i686.rpm\nhttpd-devel-2.2.15-60.el6_9.5.i686.rpm\nmod_ssl-2.2.15-60.el6_9.5.i686.rpm\n\nnoarch:\nhttpd-manual-2.2.15-60.el6_9.5.noarch.rpm\n\nx86_64:\nhttpd-debuginfo-2.2.15-60.el6_9.5.i686.rpm\nhttpd-debuginfo-2.2.15-60.el6_9.5.x86_64.rpm\nhttpd-devel-2.2.15-60.el6_9.5.i686.rpm\nhttpd-devel-2.2.15-60.el6_9.5.x86_64.rpm\nmod_ssl-2.2.15-60.el6_9.5.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node (v. 6):\n\nSource:\nhttpd-2.2.15-60.el6_9.5.src.rpm\n\nx86_64:\nhttpd-2.2.15-60.el6_9.5.x86_64.rpm\nhttpd-debuginfo-2.2.15-60.el6_9.5.x86_64.rpm\nhttpd-tools-2.2.15-60.el6_9.5.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node Optional (v. 6):\n\nnoarch:\nhttpd-manual-2.2.15-60.el6_9.5.noarch.rpm\n\nx86_64:\nhttpd-debuginfo-2.2.15-60.el6_9.5.i686.rpm\nhttpd-debuginfo-2.2.15-60.el6_9.5.x86_64.rpm\nhttpd-devel-2.2.15-60.el6_9.5.i686.rpm\nhttpd-devel-2.2.15-60.el6_9.5.x86_64.rpm\nmod_ssl-2.2.15-60.el6_9.5.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 6):\n\nSource:\nhttpd-2.2.15-60.el6_9.5.src.rpm\n\ni386:\nhttpd-2.2.15-60.el6_9.5.i686.rpm\nhttpd-debuginfo-2.2.15-60.el6_9.5.i686.rpm\nhttpd-devel-2.2.15-60.el6_9.5.i686.rpm\nhttpd-tools-2.2.15-60.el6_9.5.i686.rpm\nmod_ssl-2.2.15-60.el6_9.5.i686.rpm\n\nnoarch:\nhttpd-manual-2.2.15-60.el6_9.5.noarch.rpm\n\nppc64:\nhttpd-2.2.15-60.el6_9.5.ppc64.rpm\nhttpd-debuginfo-2.2.15-60.el6_9.5.ppc.rpm\nhttpd-debuginfo-2.2.15-60.el6_9.5.ppc64.rpm\nhttpd-devel-2.2.15-60.el6_9.5.ppc.rpm\nhttpd-devel-2.2.15-60.el6_9.5.ppc64.rpm\nhttpd-tools-2.2.15-60.el6_9.5.ppc64.rpm\nmod_ssl-2.2.15-60.el6_9.5.ppc64.rpm\n\ns390x:\nhttpd-2.2.15-60.el6_9.5.s390x.rpm\nhttpd-debuginfo-2.2.15-60.el6_9.5.s390.rpm\nhttpd-debuginfo-2.2.15-60.el6_9.5.s390x.rpm\nhttpd-devel-2.2.15-60.el6_9.5.s390.rpm\nhttpd-devel-2.2.15-60.el6_9.5.s390x.rpm\nhttpd-tools-2.2.15-60.el6_9.5.s390x.rpm\nmod_ssl-2.2.15-60.el6_9.5.s390x.rpm\n\nx86_64:\nhttpd-2.2.15-60.el6_9.5.x86_64.rpm\nhttpd-debuginfo-2.2.15-60.el6_9.5.i686.rpm\nhttpd-debuginfo-2.2.15-60.el6_9.5.x86_64.rpm\nhttpd-devel-2.2.15-60.el6_9.5.i686.rpm\nhttpd-devel-2.2.15-60.el6_9.5.x86_64.rpm\nhttpd-tools-2.2.15-60.el6_9.5.x86_64.rpm\nmod_ssl-2.2.15-60.el6_9.5.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nhttpd-2.2.15-60.el6_9.5.src.rpm\n\ni386:\nhttpd-2.2.15-60.el6_9.5.i686.rpm\nhttpd-debuginfo-2.2.15-60.el6_9.5.i686.rpm\nhttpd-devel-2.2.15-60.el6_9.5.i686.rpm\nhttpd-tools-2.2.15-60.el6_9.5.i686.rpm\nmod_ssl-2.2.15-60.el6_9.5.i686.rpm\n\nnoarch:\nhttpd-manual-2.2.15-60.el6_9.5.noarch.rpm\n\nx86_64:\nhttpd-2.2.15-60.el6_9.5.x86_64.rpm\nhttpd-debuginfo-2.2.15-60.el6_9.5.i686.rpm\nhttpd-debuginfo-2.2.15-60.el6_9.5.x86_64.rpm\nhttpd-devel-2.2.15-60.el6_9.5.i686.rpm\nhttpd-devel-2.2.15-60.el6_9.5.x86_64.rpm\nhttpd-tools-2.2.15-60.el6_9.5.x86_64.rpm\nmod_ssl-2.2.15-60.el6_9.5.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-3167\nhttps://access.redhat.com/security/cve/CVE-2017-3169\nhttps://access.redhat.com/security/cve/CVE-2017-7679\nhttps://access.redhat.com/security/cve/CVE-2017-9788\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFZkzq3XlSAg2UNWIIRAjxIAJ9JoJcSMguc2VTpgJl2P5BGoM2IrACfXd/8\nJxb2g1bdehw6Jjq0qF13AEM=\n=ZvYI\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Solution:\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files). This software, such as Apache HTTP Server, is\ncommon to multiple JBoss middleware products, and is packaged under Red Hat\nJBoss Core Services to allow for faster distribution of updates, and for a\nmore consistent update experience. \n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23\nService Pack 3 serves as an update to Red Hat JBoss Core Services Apache\nHTTP Server 2.4.23 Service Pack 2, and includes bug fixes, which are\ndocumented in the Release Notes document linked to in the References. \n\nSecurity Fix(es):\n\n* An out-of-bounds array dereference was found in apr_time_exp_get(). An\nattacker could abuse an unvalidated usage of this function to cause a\ndenial of service or potentially lead to data leak. JIRA issues fixed (https://issues.jboss.org/):\n\nJBCS-402 - Errata for httpd 2.4.23.SP3 RHEL7\n\n7. (CVE-2017-7679)\n\n* A use-after-free flaw was found in the way httpd handled invalid and\npreviously unregistered HTTP methods specified in the Limit directive used\nin an .htaccess file. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno BAPck for reporting CVE-2017-9798",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-7679"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005026"
},
{
"db": "BID",
"id": "99170"
},
{
"db": "VULMON",
"id": "CVE-2017-7679"
},
{
"db": "PACKETSTORM",
"id": "145457"
},
{
"db": "PACKETSTORM",
"id": "143766"
},
{
"db": "PACKETSTORM",
"id": "145455"
},
{
"db": "PACKETSTORM",
"id": "145456"
},
{
"db": "PACKETSTORM",
"id": "144969"
}
],
"trust": 2.43
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-7679",
"trust": 3.3
},
{
"db": "BID",
"id": "99170",
"trust": 1.9
},
{
"db": "TENABLE",
"id": "TNS-2019-09",
"trust": 1.6
},
{
"db": "SECTRACK",
"id": "1038711",
"trust": 1.6
},
{
"db": "JVN",
"id": "JVNVU98416507",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005026",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201704-572",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2017-7679",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145457",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143766",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145455",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145456",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144969",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-7679"
},
{
"db": "BID",
"id": "99170"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005026"
},
{
"db": "PACKETSTORM",
"id": "145457"
},
{
"db": "PACKETSTORM",
"id": "143766"
},
{
"db": "PACKETSTORM",
"id": "145455"
},
{
"db": "PACKETSTORM",
"id": "145456"
},
{
"db": "PACKETSTORM",
"id": "144969"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-572"
},
{
"db": "NVD",
"id": "CVE-2017-7679"
}
]
},
"id": "VAR-201706-1000",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24902778333333334
},
"last_update_date": "2024-07-23T19:42:07.252000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "hitachi-sec-2018-101",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hitachi-sec-2018-101/index.html"
},
{
"title": "hitachi-sec-2018-103",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hitachi-sec-2018-103/index.html"
},
{
"title": "hitachi-sec-2017-123",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-123/index.html"
},
{
"title": "NV17-014",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-014.html"
},
{
"title": "CVE-2017-7679: mod_mime buffer overread",
"trust": 0.8,
"url": "https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751@%3cdev.httpd.apache.org%3e"
},
{
"title": "hitachi-sec-2017-123",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hitachi-sec-2017-123/index.html"
},
{
"title": "hitachi-sec-2018-101",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hitachi-sec-2018-101/index.html"
},
{
"title": "hitachi-sec-2018-103",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hitachi-sec-2018-103/index.html"
},
{
"title": "Security vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=89482"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20173477 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20173476 - security advisory"
},
{
"title": "Red Hat: Important: httpd security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20173194 - security advisory"
},
{
"title": "Red Hat: Important: httpd security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20173193 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20173475 - security advisory"
},
{
"title": "Red Hat: Important: httpd security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20173195 - security advisory"
},
{
"title": "Red Hat: CVE-2017-7679",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-7679"
},
{
"title": "Ubuntu Security Notice: apache2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3340-1"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2017-7679"
},
{
"title": "Ubuntu Security Notice: apache2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3373-1"
},
{
"title": "Debian Security Advisories: DSA-3896-1 apache2 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=a100e91e6529637522c4f74492953f8c"
},
{
"title": "Amazon Linux AMI: ALAS-2017-892",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2017-892"
},
{
"title": "Amazon Linux AMI: ALAS-2017-863",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2017-863"
},
{
"title": "Arch Linux Advisories: [ASA-201706-34] apache: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201706-34"
},
{
"title": "Symantec Security Advisories: SA154: Apache httpd Vulnerabilities June 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=6f891c1513dfb5c26769ed38bcac6e4f"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a22ad41e97bbfc5abb0bb927bf43089c"
},
{
"title": "Tenable Security Advisories: [R1] Tenable.sc 5.13.0 Fixes Multiple Third-Party Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2019-09"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=549dc795290b298746065b62b4bb7928"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "POC",
"trust": 0.1,
"url": "https://github.com/j031t/poc "
},
{
"title": "Shodan",
"trust": 0.1,
"url": "https://github.com/averna-syd/shodan "
},
{
"title": "netlas-go",
"trust": 0.1,
"url": "https://github.com/mmpx12/netlas-go "
},
{
"title": "watchdog",
"trust": 0.1,
"url": "https://github.com/flipkart-incubator/watchdog "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/catdever/watchdog "
},
{
"title": "watchdog",
"trust": 0.1,
"url": "https://github.com/rohankumardubey/watchdog "
},
{
"title": "nrich",
"trust": 0.1,
"url": "https://github.com/retr0-13/nrich "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/rosesecurity-research/red-teaming-ttps "
},
{
"title": "Red-Teaming-TTPs",
"trust": 0.1,
"url": "https://github.com/rosesecurity/red-teaming-ttps "
},
{
"title": "Shodan-nrich",
"trust": 0.1,
"url": "https://github.com/pawankumarpandit/shodan-nrich "
},
{
"title": "DC-3-Vulnhub-Walkthrough",
"trust": 0.1,
"url": "https://github.com/vshaliii/dc-3-vulnhub-walkthrough "
},
{
"title": "DC-2-Vulnhub-Walkthrough",
"trust": 0.1,
"url": "https://github.com/vshaliii/dc-2-vulnhub-walkthrough "
},
{
"title": "DC-1-Vulnhub-Walkthrough",
"trust": 0.1,
"url": "https://github.com/vshaliii/dc-1-vulnhub-walkthrough "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/hrbrmstr/internetdb "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/secureaxom/strike "
},
{
"title": "pigat",
"trust": 0.1,
"url": "https://github.com/syadg123/pigat "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-7679"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005026"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-572"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005026"
},
{
"db": "NVD",
"id": "CVE-2017-7679"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2017:3477"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2017:2478"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2017:3475"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2017:3476"
},
{
"trust": 1.7,
"url": "https://access.redhat.com/errata/rhsa-2017:3195"
},
{
"trust": 1.6,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbux03908en_us"
},
{
"trust": 1.6,
"url": "https://security.gentoo.org/glsa/201710-32"
},
{
"trust": 1.6,
"url": "https://support.apple.com/ht208221"
},
{
"trust": 1.6,
"url": "https://github.com/gottburgm/exploits/tree/master/cve-2017-7679"
},
{
"trust": 1.6,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03821en_us"
},
{
"trust": 1.6,
"url": "https://security.netapp.com/advisory/ntap-20180601-0002/"
},
{
"trust": 1.6,
"url": "http://www.debian.org/security/2017/dsa-3896"
},
{
"trust": 1.6,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.6,
"url": "http://www.securityfocus.com/bid/99170"
},
{
"trust": 1.6,
"url": "http://www.securitytracker.com/id/1038711"
},
{
"trust": 1.6,
"url": "https://access.redhat.com/errata/rhsa-2017:2479"
},
{
"trust": 1.6,
"url": "https://access.redhat.com/errata/rhsa-2017:3193"
},
{
"trust": 1.6,
"url": "https://www.nomachine.com/su08o00185"
},
{
"trust": 1.6,
"url": "https://www.tenable.com/security/tns-2019-09"
},
{
"trust": 1.6,
"url": "https://access.redhat.com/errata/rhsa-2017:3194"
},
{
"trust": 1.6,
"url": "https://access.redhat.com/errata/rhsa-2017:2483"
},
{
"trust": 1.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7679"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751%40%3cdev.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 0.8,
"url": "https://access.redhat.com/security/cve/cve-2017-7679"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-7679"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu98416507/"
},
{
"trust": 0.6,
"url": "httpd.apache.org%3e"
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r15f9aa4427581a1aecb4063f1b4b983511ae1c9935e2a0a6876dad3c@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/f4515e580dfb6eeca589a5cdebd4c4c709ce632b12924f343c3b7751@%3cdev."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rfcf929bd33a6833e3f0c35eebdad70d5060665f9c4e17ea467c66770@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3ccvs."
},
{
"trust": 0.6,
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3ccvs."
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-3167"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3169"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.5,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.5,
"url": "https://access.redhat.com/security/cve/cve-2017-3169"
},
{
"trust": 0.5,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3167"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-9798"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9798"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.3,
"url": "http://www.apache.org/"
},
{
"trust": 0.3,
"url": "https://httpd.apache.org/"
},
{
"trust": 0.3,
"url": "https://www.apache.org/dist/httpd/patches/apply_to_2.2.32/cve-2017-7679.patch"
},
{
"trust": 0.3,
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 0.3,
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24043880"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1022204"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22005280"
},
{
"trust": 0.3,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-12613"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12613"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-9788"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9788"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.apachehttp\u0026downloadtype=securitypatches\u0026version=2.4.23"
}
],
"sources": [
{
"db": "BID",
"id": "99170"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005026"
},
{
"db": "PACKETSTORM",
"id": "145457"
},
{
"db": "PACKETSTORM",
"id": "143766"
},
{
"db": "PACKETSTORM",
"id": "145455"
},
{
"db": "PACKETSTORM",
"id": "145456"
},
{
"db": "PACKETSTORM",
"id": "144969"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-572"
},
{
"db": "NVD",
"id": "CVE-2017-7679"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2017-7679"
},
{
"db": "BID",
"id": "99170"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005026"
},
{
"db": "PACKETSTORM",
"id": "145457"
},
{
"db": "PACKETSTORM",
"id": "143766"
},
{
"db": "PACKETSTORM",
"id": "145455"
},
{
"db": "PACKETSTORM",
"id": "145456"
},
{
"db": "PACKETSTORM",
"id": "144969"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-572"
},
{
"db": "NVD",
"id": "CVE-2017-7679"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-20T00:00:00",
"db": "VULMON",
"id": "CVE-2017-7679"
},
{
"date": "2017-06-19T00:00:00",
"db": "BID",
"id": "99170"
},
{
"date": "2017-07-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005026"
},
{
"date": "2017-12-17T15:29:14",
"db": "PACKETSTORM",
"id": "145457"
},
{
"date": "2017-08-15T22:24:00",
"db": "PACKETSTORM",
"id": "143766"
},
{
"date": "2017-12-17T15:27:58",
"db": "PACKETSTORM",
"id": "145455"
},
{
"date": "2017-12-17T15:28:41",
"db": "PACKETSTORM",
"id": "145456"
},
{
"date": "2017-11-14T04:32:14",
"db": "PACKETSTORM",
"id": "144969"
},
{
"date": "2017-04-12T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-572"
},
{
"date": "2017-06-20T01:29:00.423000",
"db": "NVD",
"id": "CVE-2017-7679"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2017-7679"
},
{
"date": "2017-08-16T08:10:00",
"db": "BID",
"id": "99170"
},
{
"date": "2018-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005026"
},
{
"date": "2021-06-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201704-572"
},
{
"date": "2023-11-07T02:50:15.043000",
"db": "NVD",
"id": "CVE-2017-7679"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "143766"
},
{
"db": "PACKETSTORM",
"id": "144969"
},
{
"db": "CNNVD",
"id": "CNNVD-201704-572"
}
],
"trust": 0.8
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache httpd Buffer error vulnerability",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005026"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201704-572"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…