Action not permitted
Modal body text goes here.
cve-2017-3167
Vulnerability from cvelistv5
Published
2017-06-20 01:00
Modified
2024-08-05 14:16
Severity
Summary
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
References
Impacted products
| Vendor | Product |
|---|---|
| Apache Software Foundation | Apache HTTP Server |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:16:28.300Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.apple.com/HT208221"
},
{
"name": "RHSA-2017:2479",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
},
{
"name": "RHSA-2017:2483",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180601-0002/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.nomachine.com/SU08O00185"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us"
},
{
"name": "RHSA-2017:3475",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
},
{
"name": "99135",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/99135"
},
{
"name": "RHSA-2017:3195",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "RHSA-2017:3476",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
},
{
"name": "[dev] 20170619 CVE-2017-3167: ap_get_basic_auth_pw authentication bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/8409e41a8f7dd9ded37141c38df001be930115428c3d64f70bbdb8b4%40%3Cdev.httpd.apache.org%3E"
},
{
"name": "RHSA-2017:3477",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
},
{
"name": "DSA-3896",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2017/dsa-3896"
},
{
"name": "RHSA-2017:3194",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"name": "RHSA-2017:3193",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"name": "1038711",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038711"
},
{
"name": "GLSA-201710-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201710-32"
},
{
"name": "RHSA-2017:2478",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.tenable.com/security/tns-2019-09"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [10/13] - /httpd/site/trunk/content/security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [10/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [11/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Apache HTTP Server",
"vendor": "Apache Software Foundation",
"versions": [
{
"status": "affected",
"version": "2.2.0 to 2.2.32"
},
{
"status": "affected",
"version": "2.4.0 to 2.4.25"
}
]
}
],
"datePublic": "2017-06-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "Authentication Bypass (CWE-287)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-06T10:12:00",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.apple.com/HT208221"
},
{
"name": "RHSA-2017:2479",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
},
{
"name": "RHSA-2017:2483",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180601-0002/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.nomachine.com/SU08O00185"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us"
},
{
"name": "RHSA-2017:3475",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
},
{
"name": "99135",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/99135"
},
{
"name": "RHSA-2017:3195",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "RHSA-2017:3476",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
},
{
"name": "[dev] 20170619 CVE-2017-3167: ap_get_basic_auth_pw authentication bypass",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/8409e41a8f7dd9ded37141c38df001be930115428c3d64f70bbdb8b4%40%3Cdev.httpd.apache.org%3E"
},
{
"name": "RHSA-2017:3477",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
},
{
"name": "DSA-3896",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2017/dsa-3896"
},
{
"name": "RHSA-2017:3194",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"name": "RHSA-2017:3193",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"name": "1038711",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038711"
},
{
"name": "GLSA-201710-32",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201710-32"
},
{
"name": "RHSA-2017:2478",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.tenable.com/security/tns-2019-09"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [10/13] - /httpd/site/trunk/content/security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [10/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [11/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2017-3167",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
{
"version_value": "2.2.0 to 2.2.32"
},
{
"version_value": "2.4.0 to 2.4.25"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass (CWE-287)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT208221",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208221"
},
{
"name": "RHSA-2017:2479",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
},
{
"name": "RHSA-2017:2483",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180601-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180601-0002/"
},
{
"name": "https://www.nomachine.com/SU08O00185",
"refsource": "CONFIRM",
"url": "https://www.nomachine.com/SU08O00185"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us"
},
{
"name": "RHSA-2017:3475",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
},
{
"name": "99135",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99135"
},
{
"name": "RHSA-2017:3195",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "RHSA-2017:3476",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
},
{
"name": "[dev] 20170619 CVE-2017-3167: ap_get_basic_auth_pw authentication bypass",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/8409e41a8f7dd9ded37141c38df001be930115428c3d64f70bbdb8b4@%3Cdev.httpd.apache.org%3E"
},
{
"name": "RHSA-2017:3477",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
},
{
"name": "DSA-3896",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3896"
},
{
"name": "RHSA-2017:3194",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"name": "RHSA-2017:3193",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"name": "1038711",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038711"
},
{
"name": "GLSA-201710-32",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201710-32"
},
{
"name": "RHSA-2017:2478",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "https://www.tenable.com/security/tns-2019-09",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2019-09"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [10/13] - /httpd/site/trunk/content/security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [10/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [11/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2017-3167",
"datePublished": "2017-06-20T01:00:00",
"dateReserved": "2016-12-05T00:00:00",
"dateUpdated": "2024-08-05T14:16:28.300Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2017-3167\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2017-06-20T01:29:00.330\",\"lastModified\":\"2023-11-07T02:44:04.490\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.\"},{\"lang\":\"es\",\"value\":\"En Apache httpd, en versiones 2.2.x anteriores a la 2.2.33 y versiones 2.4.x anteriores a la 2.4.26, el uso de ap_get_basic_auth_pw() por parte de m\u00f3dulos de terceros fuera de la fase de autenticaci\u00f3n puede dar lugar a que se omitan requisitos de autenticaci\u00f3n..\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":7.5},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":true,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]},{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-287\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.2.0\",\"versionEndExcluding\":\"2.2.33\",\"matchCriteriaId\":\"288DBB49-70C3-44FD-B0F1-620FF9A21984\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.4.0\",\"versionEndExcluding\":\"2.4.26\",\"matchCriteriaId\":\"62198456-19E7-49D4-80C2-0008C43AC925\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1FE996B1-6951-4F85-AA58-B99A379D2163\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*\",\"matchCriteriaId\":\"3FA5E22C-489B-4C5F-A5F3-C03F45CA8811\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8ADFF451-740F-4DBA-BD23-3881945D3E40\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"33C068A4-3780-4EAB-A937-6082DF847564\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"967EC28A-607F-48F4-AD64-5E3041C768F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE1D81A1-CD24-4B17-8AFD-DC95E90AD7D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"807C024A-F8E8-4B48-A349-4C68CD252CA1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F96E3779-F56A-45FF-BB3D-4980527D721E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0CF73560-2F5B-4723-A8A1-9AADBB3ADA00\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5BF3C7A5-9117-42C7-BEA1-4AA378A582EF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"83737173-E12E-4641-BC49-0BD84A6B29D0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBCD86A-E6C7-4444-9D74-F861084090F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1C8D871B-AEA1-4407-AEE3-47EC782250FF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"98381E61-F082-4302-B51F-5648884F998B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D99A687E-EAE6-417E-A88E-D0082BC194CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B353CE99-D57C-465B-AAB0-73EF581127D1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7431ABC1-9252-419E-8CC1-311B41360078\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6755B6AD-0422-467B-8115-34A60B1D1A40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D5F7E11E-FB34-4467-8919-2B6BEAABF665\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B76AA310-FEC7-497F-AF04-C3EC1E76C4CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"17F256A9-D3B9-4C72-B013-4EFD878BFEA8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"825ECE2D-E232-46E0-A047-074B34DB1E97\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2466282-51AB-478D-9FF4-FA524265ED2E\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.13.1\",\"matchCriteriaId\":\"C43CA59D-847F-4225-A7A6-02DEB1BB4F64\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:secure_global_desktop:5.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B4B4E96-1F12-4719-BDB7-4ED5D3DCF9ED\"}]}]}],\"references\":[{\"url\":\"http://www.debian.org/security/2017/dsa-3896\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html\",\"source\":\"security@apache.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/99135\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1038711\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2478\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2479\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2483\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3193\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3194\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3195\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3475\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3476\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:3477\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/8409e41a8f7dd9ded37141c38df001be930115428c3d64f70bbdb8b4%40%3Cdev.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E\",\"source\":\"security@apache.org\"},{\"url\":\"https://security.gentoo.org/glsa/201710-32\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20180601-0002/\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.apple.com/HT208221\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.nomachine.com/SU08O00185\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2019-09\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
rhsa-2017_2478
Vulnerability from csaf_redhat
Published
2017-08-15 18:11
Modified
2024-09-13 16:49
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2478",
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2017/rhsa-2017_2478.json"
}
],
"title": "Red Hat Security Advisory: httpd security update",
"tracking": {
"current_release_date": "2024-09-13T16:49:10+00:00",
"generator": {
"date": "2024-09-13T16:49:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2017:2478",
"initial_release_date": "2017-08-15T18:11:45+00:00",
"revision_history": [
{
"date": "2017-08-15T18:11:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-08-15T18:11:45+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T16:49:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"product_id": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-60.el6_9.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"product": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"product_id": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-60.el6_9.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"product": {
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"product_id": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-60.el6_9.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"product": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"product_id": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-60.el6_9.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"product": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"product_id": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-60.el6_9.5?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"product": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"product_id": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-60.el6_9.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"product": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"product_id": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-60.el6_9.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-60.el6_9.5.i686",
"product": {
"name": "httpd-0:2.2.15-60.el6_9.5.i686",
"product_id": "httpd-0:2.2.15-60.el6_9.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-60.el6_9.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"product": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"product_id": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-60.el6_9.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"product": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"product_id": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-60.el6_9.5?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.2.15-60.el6_9.5.src",
"product": {
"name": "httpd-0:2.2.15-60.el6_9.5.src",
"product_id": "httpd-0:2.2.15-60.el6_9.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-60.el6_9.5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"product": {
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"product_id": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.15-60.el6_9.5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"product": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"product_id": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-60.el6_9.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"product": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"product_id": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-60.el6_9.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"product": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"product_id": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-60.el6_9.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"product": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"product_id": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-60.el6_9.5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-60.el6_9.5.s390x",
"product": {
"name": "httpd-0:2.2.15-60.el6_9.5.s390x",
"product_id": "httpd-0:2.2.15-60.el6_9.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-60.el6_9.5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"product": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"product_id": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-60.el6_9.5?arch=s390"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"product": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"product_id": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-60.el6_9.5?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"product": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"product_id": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-60.el6_9.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"product": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"product_id": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-60.el6_9.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"product": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"product_id": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-60.el6_9.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"product": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"product_id": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-60.el6_9.5?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"product": {
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"product_id": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-60.el6_9.5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"product": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"product_id": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-60.el6_9.5?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"product": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"product_id": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-60.el6_9.5?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.src",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.src",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Client-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.src as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.src",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node (v. 6)",
"product_id": "6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.src",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.src",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Server-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.src",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-60.el6_9.5.noarch as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.i686",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"relates_to_product_reference": "6Workstation-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"relates_to_product_reference": "6Workstation-6.9.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"cve": "CVE-2017-9788",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2017-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1470748"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Uninitialized memory reflection in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "RHBZ#1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27"
}
],
"release_date": "2017-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
},
{
"category": "workaround",
"details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.",
"product_ids": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Client-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Client-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6ComputeNode-optional-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6ComputeNode-optional-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Server-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Server-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.src",
"6Workstation-6.9.z:httpd-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-debuginfo-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-devel-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:httpd-manual-0:2.2.15-60.el6_9.5.noarch",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:httpd-tools-0:2.2.15-60.el6_9.5.x86_64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.i686",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.ppc64",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.s390x",
"6Workstation-6.9.z:mod_ssl-1:2.2.15-60.el6_9.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Uninitialized memory reflection in mod_auth_digest"
}
]
}
rhsa-2017_3477
Vulnerability from csaf_redhat
Published
2017-12-15 22:34
Modified
2024-09-16 00:33
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update
Notes
Topic
An update is now available for JBoss Core Services on RHEL 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as an update to Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)
Red Hat would like to thank Hanno Böck for reporting CVE-2017-9798.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for JBoss Core Services on RHEL 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as an update to Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References. \n\nSecurity Fix(es):\n\n* An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno B\u00f6ck for reporting CVE-2017-9798.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3477",
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "JBCS-403",
"url": "https://issues.redhat.com/browse/JBCS-403"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2017/rhsa-2017_3477.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update",
"tracking": {
"current_release_date": "2024-09-16T00:33:03+00:00",
"generator": {
"date": "2024-09-16T00:33:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2017:3477",
"initial_release_date": "2017-12-15T22:34:40+00:00",
"revision_history": [
{
"date": "2017-12-15T22:34:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-12-15T22:34:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-16T00:33:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services on RHEL 6 Server",
"product": {
"name": "Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.23-125.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-libs@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.23-125.jbcs.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.23-125.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx@0.9.6-15.GA.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx-debuginfo@0.9.6-15.GA.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.8-1.Final_redhat_1.jbcs.el6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.8-1.Final_redhat_1.jbcs.el6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.23-125.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-libs@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.23-125.jbcs.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.23-125.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx@0.9.6-15.GA.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx-debuginfo@0.9.6-15.GA.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.8-1.Final_redhat_1.jbcs.el6?arch=i686"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.8-1.Final_redhat_1.jbcs.el6?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"product_id": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.23-125.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"product_id": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx@0.9.6-15.GA.jbcs.el6?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.8-1.Final_redhat_1.jbcs.el6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"product": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"product_id": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.23-125.jbcs.el6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch"
},
"product_reference": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"relates_to_product_reference": "6Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server",
"product_id": "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64",
"relates_to_product_reference": "6Server-JBCS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"acknowledgments": [
{
"names": [
"Hanno B\u00f6ck"
]
}
],
"cve": "CVE-2017-9798",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1490344"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "RHBZ#1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798"
},
{
"category": "external",
"summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"
}
],
"release_date": "2017-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
},
{
"category": "workaround",
"details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)"
},
{
"cve": "CVE-2017-12613",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-10-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506523"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apr: Out-of-bounds array deref in apr_time_exp*() functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12613"
},
{
"category": "external",
"summary": "RHBZ#1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/apr/Announcement1.x.html",
"url": "http://www.apache.org/dist/apr/Announcement1.x.html"
}
],
"release_date": "2017-10-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el6.noarch",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.src",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el6.x86_64",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.i686",
"6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apr: Out-of-bounds array deref in apr_time_exp*() functions"
}
]
}
rhsa-2017_2483
Vulnerability from csaf_redhat
Published
2017-08-16 23:04
Modified
2024-09-13 16:49
Summary
Red Hat Security Advisory: httpd24-httpd security update
Notes
Topic
An update for httpd24-httpd is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A NULL pointer dereference flaw was found in the mod_http2 module of httpd. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP/2 request. (CVE-2017-7659)
* A buffer over-read flaw was found in the httpd's ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd24-httpd is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A NULL pointer dereference flaw was found in the mod_http2 module of httpd. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP/2 request. (CVE-2017-7659)\n\n* A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2483",
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463199"
},
{
"category": "external",
"summary": "1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2017/rhsa-2017_2483.json"
}
],
"title": "Red Hat Security Advisory: httpd24-httpd security update",
"tracking": {
"current_release_date": "2024-09-13T16:49:05+00:00",
"generator": {
"date": "2024-09-13T16:49:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2017:2483",
"initial_release_date": "2017-08-16T23:04:17+00:00",
"revision_history": [
{
"date": "2017-08-16T23:04:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-08-16T23:04:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T16:49:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:2::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Software Collections"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-debuginfo@2.4.25-9.el7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_proxy_html@2.4.25-9.el7.1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_session@2.4.25-9.el7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ldap@2.4.25-9.el7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-tools@2.4.25-9.el7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd@2.4.25-9.el7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-devel@2.4.25-9.el7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"product": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"product_id": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ssl@2.4.25-9.el7.1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ssl@2.4.25-9.el6.1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_session@2.4.25-9.el6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_ldap@2.4.25-9.el6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd@2.4.25-9.el6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-devel@2.4.25-9.el6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-tools@2.4.25-9.el6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-mod_proxy_html@2.4.25-9.el6.1?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"product": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"product_id": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-debuginfo@2.4.25-9.el6.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"product": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"product_id": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-manual@2.4.25-9.el7.1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"product": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"product_id": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd-manual@2.4.25-9.el6.1?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd24-httpd-0:2.4.25-9.el7.1.src",
"product": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.src",
"product_id": "httpd24-httpd-0:2.4.25-9.el7.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd@2.4.25-9.el7.1?arch=src"
}
}
},
{
"category": "product_version",
"name": "httpd24-httpd-0:2.4.25-9.el6.1.src",
"product": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.src",
"product_id": "httpd24-httpd-0:2.4.25-9.el6.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd24-httpd@2.4.25-9.el6.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el6.1.src",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch"
},
"product_reference": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4-6.7.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el6.1.src",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch"
},
"product_reference": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el6.1.src",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch"
},
"product_reference": "httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64"
},
"product_reference": "httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"relates_to_product_reference": "6Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el7.1.src",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch"
},
"product_reference": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4-7.3.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el7.1.src",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch"
},
"product_reference": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Server-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el7.1.src",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch"
},
"product_reference": "httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64 as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
},
"product_reference": "httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"relates_to_product_reference": "7Workstation-RHSCL-2.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7659",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463199"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the mod_http2 module of httpd. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP/2 request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_http2 NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7659"
},
{
"category": "external",
"summary": "RHBZ#1463199",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463199"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7659",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7659"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7659",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7659"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_http2 NULL pointer dereference"
},
{
"cve": "CVE-2017-7668",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463205"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_find_token() buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7668"
},
{
"category": "external",
"summary": "RHBZ#1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_find_token() buffer overread"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"cve": "CVE-2017-9788",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2017-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1470748"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Uninitialized memory reflection in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "RHBZ#1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27"
}
],
"release_date": "2017-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
},
{
"category": "workaround",
"details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.",
"product_ids": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4-6.7.Z:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4-6.7.Z:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.src",
"6Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el6.1.noarch",
"6Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el6.1.x86_64",
"6Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el6.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4-7.3.Z:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4-7.3.Z:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Server-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Server-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Server-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.src",
"7Workstation-RHSCL-2.4:httpd24-httpd-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-debuginfo-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-devel-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-httpd-manual-0:2.4.25-9.el7.1.noarch",
"7Workstation-RHSCL-2.4:httpd24-httpd-tools-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ldap-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_proxy_html-1:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_session-0:2.4.25-9.el7.1.x86_64",
"7Workstation-RHSCL-2.4:httpd24-mod_ssl-1:2.4.25-9.el7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Uninitialized memory reflection in mod_auth_digest"
}
]
}
rhsa-2017_2479
Vulnerability from csaf_redhat
Published
2017-08-15 18:23
Modified
2024-09-13 16:48
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:2479",
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2017/rhsa-2017_2479.json"
}
],
"title": "Red Hat Security Advisory: httpd security update",
"tracking": {
"current_release_date": "2024-09-13T16:48:58+00:00",
"generator": {
"date": "2024-09-13T16:48:58+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2017:2479",
"initial_release_date": "2017-08-15T18:23:44+00:00",
"revision_history": [
{
"date": "2017-08-15T18:23:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-08-15T18:23:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T16:48:58+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"product_id": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-67.el7_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"product_id": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-67.el7_4.2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"product_id": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-67.el7_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"product_id": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-67.el7_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"product_id": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-67.el7_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"product_id": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-67.el7_4.2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"product_id": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-67.el7_4.2?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"product": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"product_id": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-67.el7_4.2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"product": {
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"product_id": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.4.6-67.el7_4.2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.6-67.el7_4.2.src",
"product": {
"name": "httpd-0:2.4.6-67.el7_4.2.src",
"product_id": "httpd-0:2.4.6-67.el7_4.2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-67.el7_4.2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"product_id": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-67.el7_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"product_id": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-67.el7_4.2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"product_id": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-67.el7_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"product_id": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-67.el7_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "httpd-0:2.4.6-67.el7_4.2.s390x",
"product_id": "httpd-0:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-67.el7_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"product_id": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-67.el7_4.2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"product_id": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-67.el7_4.2?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"product": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"product_id": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-67.el7_4.2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"product_id": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-67.el7_4.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"product_id": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-67.el7_4.2?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"product_id": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-67.el7_4.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"product_id": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-67.el7_4.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"product_id": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-67.el7_4.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"product_id": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-67.el7_4.2?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"product_id": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-67.el7_4.2?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"product": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"product_id": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-67.el7_4.2?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"product_id": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-67.el7_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"product_id": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-67.el7_4.2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"product_id": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-67.el7_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"product_id": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-67.el7_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"product_id": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-67.el7_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"product_id": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-67.el7_4.2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"product_id": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-67.el7_4.2?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"product": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"product_id": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-67.el7_4.2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"product": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"product_id": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-67.el7_4.2?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"product_id": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-67.el7_4.2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"product": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"product_id": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-67.el7_4.2?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.src",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Client-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.src as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.src",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional (v. 7)",
"product_id": "7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.src",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.src",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Server-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.src",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.src",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-67.el7_4.2.noarch as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_session-0:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.4.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7668",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463205"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_find_token() buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7668"
},
{
"category": "external",
"summary": "RHBZ#1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_find_token() buffer overread"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"cve": "CVE-2017-9788",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2017-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1470748"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Uninitialized memory reflection in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "RHBZ#1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27"
}
],
"release_date": "2017-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
},
{
"category": "workaround",
"details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.",
"product_ids": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Client-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Client-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7ComputeNode-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7ComputeNode-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Server-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Server-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.src",
"7Workstation-optional-7.4.Z:httpd-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-debuginfo-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-devel-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:httpd-manual-0:2.4.6-67.el7_4.2.noarch",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:httpd-tools-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ldap-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.aarch64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_proxy_html-1:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_session-0:2.4.6-67.el7_4.2.x86_64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.ppc64le",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.s390x",
"7Workstation-optional-7.4.Z:mod_ssl-1:2.4.6-67.el7_4.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Uninitialized memory reflection in mod_auth_digest"
}
]
}
rhsa-2017_3193
Vulnerability from csaf_redhat
Published
2017-11-13 17:35
Modified
2024-09-13 16:49
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 7.2 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)
Red Hat would like to thank Hanno Böck for reporting CVE-2017-9798.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd is now available for Red Hat Enterprise Linux 7.2 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno B\u00f6ck for reporting CVE-2017-9798.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3193",
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2017/rhsa-2017_3193.json"
}
],
"title": "Red Hat Security Advisory: httpd security update",
"tracking": {
"current_release_date": "2024-09-13T16:49:24+00:00",
"generator": {
"date": "2024-09-13T16:49:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2017:3193",
"initial_release_date": "2017-11-13T17:35:40+00:00",
"revision_history": [
{
"date": "2017-11-13T17:35:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-11-13T17:35:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T16:49:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.2::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product": {
"name": "Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.2::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.2::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"product_id": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-40.el7_2.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "mod_session-0:2.4.6-40.el7_2.6.x86_64",
"product_id": "mod_session-0:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-40.el7_2.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"product_id": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-40.el7_2.6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"product_id": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-40.el7_2.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"product_id": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-40.el7_2.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"product_id": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-40.el7_2.6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"product_id": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-40.el7_2.6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-40.el7_2.6.x86_64",
"product": {
"name": "httpd-0:2.4.6-40.el7_2.6.x86_64",
"product_id": "httpd-0:2.4.6-40.el7_2.6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-40.el7_2.6?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"product_id": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-40.el7_2.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "mod_session-0:2.4.6-40.el7_2.6.s390x",
"product_id": "mod_session-0:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-40.el7_2.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"product_id": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-40.el7_2.6?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"product_id": "mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-40.el7_2.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"product_id": "httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-40.el7_2.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"product_id": "mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-40.el7_2.6?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"product_id": "httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-40.el7_2.6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-40.el7_2.6.s390x",
"product": {
"name": "httpd-0:2.4.6-40.el7_2.6.s390x",
"product_id": "httpd-0:2.4.6-40.el7_2.6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-40.el7_2.6?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"product_id": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-40.el7_2.6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64",
"product_id": "mod_session-0:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-40.el7_2.6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"product_id": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-40.el7_2.6?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"product_id": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-40.el7_2.6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"product_id": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-40.el7_2.6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"product_id": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-40.el7_2.6?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"product_id": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-40.el7_2.6?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64",
"product": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64",
"product_id": "httpd-0:2.4.6-40.el7_2.6.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-40.el7_2.6?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"product_id": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-40.el7_2.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"product_id": "mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-40.el7_2.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"product_id": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-40.el7_2.6?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"product_id": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-40.el7_2.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"product_id": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-40.el7_2.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"product_id": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-40.el7_2.6?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"product_id": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-40.el7_2.6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64le",
"product": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64le",
"product_id": "httpd-0:2.4.6-40.el7_2.6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-40.el7_2.6?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.6-40.el7_2.6.src",
"product": {
"name": "httpd-0:2.4.6-40.el7_2.6.src",
"product_id": "httpd-0:2.4.6-40.el7_2.6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-40.el7_2.6?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"product": {
"name": "httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"product_id": "httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.4.6-40.el7_2.6?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.src as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.src",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-40.el7_2.6.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.2)",
"product_id": "7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.src",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-40.el7_2.6.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.2)",
"product_id": "7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.src as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.src",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-40.el7_2.6.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_session-0:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.2)",
"product_id": "7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"relates_to_product_reference": "7Server-optional-7.2.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7668",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463205"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_find_token() buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7668"
},
{
"category": "external",
"summary": "RHBZ#1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_find_token() buffer overread"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"cve": "CVE-2017-9788",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2017-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1470748"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Uninitialized memory reflection in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "RHBZ#1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27"
}
],
"release_date": "2017-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"category": "workaround",
"details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Uninitialized memory reflection in mod_auth_digest"
},
{
"acknowledgments": [
{
"names": [
"Hanno B\u00f6ck"
]
}
],
"cve": "CVE-2017-9798",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1490344"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "RHBZ#1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798"
},
{
"category": "external",
"summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"
}
],
"release_date": "2017-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"category": "workaround",
"details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18",
"product_ids": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7ComputeNode-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7ComputeNode-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.src",
"7Server-optional-7.2.EUS:httpd-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-debuginfo-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-devel-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:httpd-manual-0:2.4.6-40.el7_2.6.noarch",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:httpd-tools-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ldap-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_proxy_html-1:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_session-0:2.4.6-40.el7_2.6.x86_64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.ppc64le",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.s390x",
"7Server-optional-7.2.EUS:mod_ssl-1:2.4.6-40.el7_2.6.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)"
}
]
}
rhsa-2017_3475
Vulnerability from csaf_redhat
Published
2017-12-15 22:23
Modified
2024-09-16 00:33
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update
Notes
Topic
An update is now available for Red Hat JBoss Core Services.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as a replacement of Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes (including fixes from previous Service Pack 1 and 2), which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)
Red Hat would like to thank Hanno Böck for reporting CVE-2017-9798.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Core Services.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as a replacement of Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes (including fixes from previous Service Pack 1 and 2), which are documented in the Release Notes document linked to in the References. \n\nSecurity Fix(es):\n\n* An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno B\u00f6ck for reporting CVE-2017-9798.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3475",
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp\u0026downloadType=securityPatches\u0026version=2.4.23",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=core.service.apachehttp\u0026downloadType=securityPatches\u0026version=2.4.23"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "JBCS-404",
"url": "https://issues.redhat.com/browse/JBCS-404"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2017/rhsa-2017_3475.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update",
"tracking": {
"current_release_date": "2024-09-16T00:33:09+00:00",
"generator": {
"date": "2024-09-16T00:33:09+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2017:3475",
"initial_release_date": "2017-12-15T22:23:06+00:00",
"revision_history": [
{
"date": "2017-12-15T22:23:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-12-15T22:23:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-16T00:33:09+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services 1",
"product": {
"name": "Red Hat JBoss Core Services 1",
"product_id": "Red Hat JBoss Core Services 1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"acknowledgments": [
{
"names": [
"Hanno B\u00f6ck"
]
}
],
"cve": "CVE-2017-9798",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1490344"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "RHBZ#1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798"
},
{
"category": "external",
"summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"
}
],
"release_date": "2017-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
},
{
"category": "workaround",
"details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18",
"product_ids": [
"Red Hat JBoss Core Services 1"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)"
},
{
"cve": "CVE-2017-12613",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-10-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506523"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apr: Out-of-bounds array deref in apr_time_exp*() functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Core Services 1"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12613"
},
{
"category": "external",
"summary": "RHBZ#1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/apr/Announcement1.x.html",
"url": "http://www.apache.org/dist/apr/Announcement1.x.html"
}
],
"release_date": "2017-10-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files).\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically.",
"product_ids": [
"Red Hat JBoss Core Services 1"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Core Services 1"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apr: Out-of-bounds array deref in apr_time_exp*() functions"
}
]
}
rhsa-2017_3476
Vulnerability from csaf_redhat
Published
2017-12-15 22:34
Modified
2024-09-16 00:32
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update
Notes
Topic
An update is now available for JBoss Core Services on RHEL 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as an update to Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)
Red Hat would like to thank Hanno Böck for reporting CVE-2017-9798.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for JBoss Core Services on RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as an update to Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. (CVE-2017-12613)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno B\u00f6ck for reporting CVE-2017-9798.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3476",
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/",
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "JBCS-402",
"url": "https://issues.redhat.com/browse/JBCS-402"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2017/rhsa-2017_3476.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update",
"tracking": {
"current_release_date": "2024-09-16T00:32:58+00:00",
"generator": {
"date": "2024-09-16T00:32:58+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2017:3476",
"initial_release_date": "2017-12-15T22:34:21+00:00",
"revision_history": [
{
"date": "2017-12-15T22:34:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-12-15T22:34:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-16T00:32:58+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Core Services on RHEL 7 Server",
"product": {
"name": "Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_core_services:1::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Core Services"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.23-125.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.23-125.jbcs.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-libs@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.23-125.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx@0.9.6-15.GA.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx-debuginfo@0.9.6-15.GA.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.8-1.Final_redhat_1.jbcs.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.8-1.Final_redhat_1.jbcs.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"product_id": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.23-125.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_bmx@0.9.6-15.GA.jbcs.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"product": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.8-1.Final_redhat_1.jbcs.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"product": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"product_id": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.23-125.jbcs.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch"
},
"product_reference": "jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server",
"product_id": "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
},
"product_reference": "jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64",
"relates_to_product_reference": "7Server-JBCS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"acknowledgments": [
{
"names": [
"Hanno B\u00f6ck"
]
}
],
"cve": "CVE-2017-9798",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1490344"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "RHBZ#1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798"
},
{
"category": "external",
"summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"
}
],
"release_date": "2017-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
},
{
"category": "workaround",
"details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)"
},
{
"cve": "CVE-2017-12613",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-10-24T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506523"
}
],
"notes": [
{
"category": "description",
"text": "An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "apr: Out-of-bounds array deref in apr_time_exp*() functions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-12613"
},
{
"category": "external",
"summary": "RHBZ#1506523",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506523"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-12613",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-12613"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-12613"
},
{
"category": "external",
"summary": "http://www.apache.org/dist/apr/Announcement1.x.html",
"url": "http://www.apache.org/dist/apr/Announcement1.x.html"
}
],
"release_date": "2017-10-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-httpd-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-libs-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.23-125.jbcs.el7.noarch",
"7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_bmx-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_bmx-debuginfo-0:0.9.6-15.GA.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.src",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.8-1.Final_redhat_1.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.23-125.jbcs.el7.x86_64",
"7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.23-125.jbcs.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "apr: Out-of-bounds array deref in apr_time_exp*() functions"
}
]
}
rhsa-2017_3194
Vulnerability from csaf_redhat
Published
2017-11-13 17:36
Modified
2024-09-13 16:49
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 7.3 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)
Red Hat would like to thank Hanno Böck for reporting CVE-2017-9798.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd is now available for Red Hat Enterprise Linux 7.3 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno B\u00f6ck for reporting CVE-2017-9798.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3194",
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2017/rhsa-2017_3194.json"
}
],
"title": "Red Hat Security Advisory: httpd security update",
"tracking": {
"current_release_date": "2024-09-13T16:49:30+00:00",
"generator": {
"date": "2024-09-13T16:49:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2017:3194",
"initial_release_date": "2017-11-13T17:36:28+00:00",
"revision_history": [
{
"date": "2017-11-13T17:36:28+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-11-13T17:36:28+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T16:49:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.3::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product": {
"name": "Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.3::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:7.3::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"product_id": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-45.el7_3.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"product_id": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-45.el7_3.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"product_id": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-45.el7_3.5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "mod_session-0:2.4.6-45.el7_3.5.x86_64",
"product_id": "mod_session-0:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-45.el7_3.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"product_id": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-45.el7_3.5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"product_id": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-45.el7_3.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "httpd-0:2.4.6-45.el7_3.5.x86_64",
"product_id": "httpd-0:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-45.el7_3.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"product": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"product_id": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-45.el7_3.5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"product_id": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-45.el7_3.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"product_id": "mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-45.el7_3.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"product_id": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-45.el7_3.5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "mod_session-0:2.4.6-45.el7_3.5.s390x",
"product_id": "mod_session-0:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-45.el7_3.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"product_id": "mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-45.el7_3.5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"product_id": "httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-45.el7_3.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "httpd-0:2.4.6-45.el7_3.5.s390x",
"product_id": "httpd-0:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-45.el7_3.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"product": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"product_id": "httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-45.el7_3.5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"product_id": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-45.el7_3.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"product_id": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-45.el7_3.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"product_id": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-45.el7_3.5?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64",
"product_id": "mod_session-0:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-45.el7_3.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"product_id": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-45.el7_3.5?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"product_id": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-45.el7_3.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64",
"product_id": "httpd-0:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-45.el7_3.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"product": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"product_id": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-45.el7_3.5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"product_id": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.4.6-45.el7_3.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"product_id": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ldap@2.4.6-45.el7_3.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"product_id": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_proxy_html@2.4.6-45.el7_3.5?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"product_id": "mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_session@2.4.6-45.el7_3.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"product_id": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.4.6-45.el7_3.5?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"product_id": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.4.6-45.el7_3.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64le",
"product_id": "httpd-0:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-45.el7_3.5?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"product": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"product_id": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.4.6-45.el7_3.5?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"product": {
"name": "httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"product_id": "httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.4.6-45.el7_3.5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.4.6-45.el7_3.5.src",
"product": {
"name": "httpd-0:2.4.6-45.el7_3.5.src",
"product_id": "httpd-0:2.4.6-45.el7_3.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.4.6-45.el7_3.5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.src as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.src",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-45.el7_3.5.noarch as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Optional EUS (v. 7.3)",
"product_id": "7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7ComputeNode-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.src as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.src",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-45.el7_3.5.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 7.3)",
"product_id": "7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.src as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.src",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.4.6-45.el7_3.5.noarch as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch"
},
"product_reference": "httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_session-0:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_session-0:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.s390x as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64 as a component of Red Hat Enterprise Linux Server Optional EUS (v. 7.3)",
"product_id": "7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
},
"product_reference": "mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"relates_to_product_reference": "7Server-optional-7.3.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7668",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463205"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_find_token() buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7668"
},
{
"category": "external",
"summary": "RHBZ#1463205",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463205"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7668",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7668"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7668"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_find_token() buffer overread"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"cve": "CVE-2017-9788",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2017-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1470748"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Uninitialized memory reflection in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "RHBZ#1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27"
}
],
"release_date": "2017-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"category": "workaround",
"details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Uninitialized memory reflection in mod_auth_digest"
},
{
"acknowledgments": [
{
"names": [
"Hanno B\u00f6ck"
]
}
],
"cve": "CVE-2017-9798",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1490344"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "RHBZ#1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798"
},
{
"category": "external",
"summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"
}
],
"release_date": "2017-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"category": "workaround",
"details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18",
"product_ids": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7ComputeNode-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7ComputeNode-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.src",
"7Server-optional-7.3.EUS:httpd-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-debuginfo-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-devel-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:httpd-manual-0:2.4.6-45.el7_3.5.noarch",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:httpd-tools-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ldap-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_proxy_html-1:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_session-0:2.4.6-45.el7_3.5.x86_64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.ppc64le",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.s390x",
"7Server-optional-7.3.EUS:mod_ssl-1:2.4.6-45.el7_3.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)"
}
]
}
rhsa-2017_3195
Vulnerability from csaf_redhat
Published
2017-11-13 17:35
Modified
2024-09-13 16:49
Summary
Red Hat Security Advisory: httpd security update
Notes
Topic
An update for httpd is now available for Red Hat Enterprise Linux 6.7 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.
Security Fix(es):
* It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)
* It was discovered that the use of httpd's ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)
* A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
* A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)
Red Hat would like to thank Hanno Böck for reporting CVE-2017-9798.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for httpd is now available for Red Hat Enterprise Linux 6.7 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server.\n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-9788)\n\n* It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)\n\n* A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno B\u00f6ck for reporting CVE-2017-9798.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat offerings.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2017:3195",
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/data/csaf/v2/advisories/2017/rhsa-2017_3195.json"
}
],
"title": "Red Hat Security Advisory: httpd security update",
"tracking": {
"current_release_date": "2024-09-13T16:49:36+00:00",
"generator": {
"date": "2024-09-13T16:49:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "3.33.3"
}
},
"id": "RHSA-2017:3195",
"initial_release_date": "2017-11-13T17:35:58+00:00",
"revision_history": [
{
"date": "2017-11-13T17:35:58+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2017-11-13T17:35:58+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-09-13T16:49:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:6.7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:6.7::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product": {
"name": "Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:6.7::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.2.15-47.el6_7.5.x86_64",
"product": {
"name": "httpd-0:2.2.15-47.el6_7.5.x86_64",
"product_id": "httpd-0:2.2.15-47.el6_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-47.el6_7.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"product": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"product": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"product_id": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-47.el6_7.5?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"product": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"product_id": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-47.el6_7.5?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"product": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"product_id": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7.5?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-0:2.2.15-47.el6_7.5.src",
"product": {
"name": "httpd-0:2.2.15-47.el6_7.5.src",
"product_id": "httpd-0:2.2.15-47.el6_7.5.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-47.el6_7.5?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"product": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-47.el6_7.5.i686",
"product": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.i686",
"product_id": "httpd-devel-0:2.2.15-47.el6_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-47.el6_7.5.i686",
"product": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.i686",
"product_id": "mod_ssl-1:2.2.15-47.el6_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-47.el6_7.5?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-47.el6_7.5.i686",
"product": {
"name": "httpd-0:2.2.15-47.el6_7.5.i686",
"product_id": "httpd-0:2.2.15-47.el6_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-47.el6_7.5?arch=i686"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-47.el6_7.5.i686",
"product": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.i686",
"product_id": "httpd-tools-0:2.2.15-47.el6_7.5.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-47.el6_7.5?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"product": {
"name": "httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"product_id": "httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-manual@2.2.15-47.el6_7.5?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"product": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"product_id": "mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-47.el6_7.5?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"product": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-47.el6_7.5.s390x",
"product": {
"name": "httpd-0:2.2.15-47.el6_7.5.s390x",
"product_id": "httpd-0:2.2.15-47.el6_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-47.el6_7.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"product": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"product_id": "httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-47.el6_7.5?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"product": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"product_id": "httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7.5?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"product": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7.5?arch=s390"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390",
"product": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390",
"product_id": "httpd-devel-0:2.2.15-47.el6_7.5.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7.5?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"product": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"product_id": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/mod_ssl@2.2.15-47.el6_7.5?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"product": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-0:2.2.15-47.el6_7.5.ppc64",
"product": {
"name": "httpd-0:2.2.15-47.el6_7.5.ppc64",
"product_id": "httpd-0:2.2.15-47.el6_7.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd@2.2.15-47.el6_7.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"product": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"product_id": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-tools@2.2.15-47.el6_7.5?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"product": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"product_id": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7.5?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"product": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"product_id": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-debuginfo@2.2.15-47.el6_7.5?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"product": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"product_id": "httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/httpd-devel@2.2.15-47.el6_7.5?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.src as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.src",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.s390",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-47.el6_7.5.noarch as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node EUS (v. 6.7)",
"product_id": "6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.src as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.src",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.s390",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-47.el6_7.5.noarch as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional EUS (v. 6.7)",
"product_id": "6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.src as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.src",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.s390",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-manual-0:2.2.15-47.el6_7.5.noarch as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch"
},
"product_reference": "httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.i686 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.i686",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.s390x as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"relates_to_product_reference": "6Server-6.7.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64 as a component of Red Hat Enterprise Linux Server EUS (v. 6.7)",
"product_id": "6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
},
"product_reference": "mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"relates_to_product_reference": "6Server-6.7.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2017-3167",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463194"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the use of httpd\u0027s ap_get_basic_auth_pw() API function outside of the authentication phase could lead to authentication bypass. A remote attacker could possibly use this flaw to bypass required authentication if the API was used incorrectly by one of the modules used by httpd.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: ap_get_basic_auth_pw() authentication bypass",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3167"
},
{
"category": "external",
"summary": "RHBZ#1463194",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463194"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3167",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3167"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: ap_get_basic_auth_pw() authentication bypass"
},
{
"cve": "CVE-2017-3169",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463197"
}
],
"notes": [
{
"category": "description",
"text": "A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_ssl NULL pointer dereference",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-3169"
},
{
"category": "external",
"summary": "RHBZ#1463197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-3169",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-3169"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3169"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_ssl NULL pointer dereference"
},
{
"cve": "CVE-2017-7679",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2017-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1463207"
}
],
"notes": [
{
"category": "description",
"text": "A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user permitted to modify httpd\u0027s MIME configuration could use this flaw to cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: mod_mime buffer overread",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7679"
},
{
"category": "external",
"summary": "RHBZ#1463207",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1463207"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7679",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7679"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
}
],
"release_date": "2017-06-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: mod_mime buffer overread"
},
{
"cve": "CVE-2017-9788",
"cwe": {
"id": "CWE-456",
"name": "Missing Initialization of a Variable"
},
"discovery_date": "2017-07-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1470748"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the httpd\u0027s mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Uninitialized memory reflection in mod_auth_digest",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9788"
},
{
"category": "external",
"summary": "RHBZ#1470748",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1470748"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9788",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9788"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9788"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34",
"url": "https://httpd.apache.org/security/vulnerabilities_22.html#2.2.34"
},
{
"category": "external",
"summary": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27",
"url": "https://httpd.apache.org/security/vulnerabilities_24.html#2.4.27"
}
],
"release_date": "2017-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"category": "workaround",
"details": "If you do not use digest authentication, do not load the \"auth_digest_module\".\n\nFor example, on RHEL 7, this can be done by commenting out or removing the\n\"LoadModule auth_digest_module modules/mod_auth_digest.so\"\nline within the /etc/httpd/conf.modules.d/00-base.conf configuration file and restarting the service.\n\nYou can then use the \"httpd -t -D DUMP_MODULES\" command to verify that the module is no longer loaded.",
"product_ids": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "httpd: Uninitialized memory reflection in mod_auth_digest"
},
{
"acknowledgments": [
{
"names": [
"Hanno B\u00f6ck"
]
}
],
"cve": "CVE-2017-9798",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-09-11T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1490344"
}
],
"notes": [
{
"category": "description",
"text": "A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. A remote attacker could possibly use this flaw to disclose portions of the server memory, or cause httpd child process to crash.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of httpd as shipped with Red Hat Enterprise Linux 5, 6, and 7. This issue affects the versions of httpd24-httpd as shipped with Red Hat Software Collections. Product Security has rated this issue as having Moderate security impact.\n\nIn order to be vulnerable, .htaccess files need to contain an invalid or not globally registered HTTP method in a \"Limit\" directive.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-9798"
},
{
"category": "external",
"summary": "RHBZ#1490344",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1490344"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-9798",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-9798"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-9798"
},
{
"category": "external",
"summary": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html",
"url": "https://blog.fuzzing-project.org/60-Optionsbleed-HTTP-OPTIONS-method-can-leak-Apaches-server-memory.html"
}
],
"release_date": "2017-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted automatically.",
"product_ids": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"category": "workaround",
"details": "This issue can be mitigated by configuring httpd to disallow the use of the \"Limit\" configuration directive in .htaccess files. The set of directives that can be used in .htaccess files is configured using the \"AllowOverride\" directive. Refer to Red Hat Bugzilla bug 1490344 for further details:\nhttps://bugzilla.redhat.com/show_bug.cgi?id=1490344#c18",
"product_ids": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6ComputeNode-optional-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6ComputeNode-optional-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.src",
"6Server-6.7.EUS:httpd-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-debuginfo-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-devel-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:httpd-manual-0:2.2.15-47.el6_7.5.noarch",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:httpd-tools-0:2.2.15-47.el6_7.5.x86_64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.i686",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.ppc64",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.s390x",
"6Server-6.7.EUS:mod_ssl-1:2.2.15-47.el6_7.5.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "httpd: Use-after-free by limiting unregistered HTTP method (Optionsbleed)"
}
]
}
ghsa-9mgw-4qp5-wrrj
Vulnerability from github
Published
2022-05-13 01:09
Modified
2022-05-13 01:09
Severity
Details
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
{
"affected": [],
"aliases": [
"CVE-2017-3167"
],
"database_specific": {
"cwe_ids": [
"CWE-287"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2017-06-20T01:29:00Z",
"severity": "CRITICAL"
},
"details": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.",
"id": "GHSA-9mgw-4qp5-wrrj",
"modified": "2022-05-13T01:09:44Z",
"published": "2022-05-13T01:09:44Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-3167"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201710-32"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20180601-0002"
},
{
"type": "WEB",
"url": "https://support.apple.com/HT208221"
},
{
"type": "WEB",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us"
},
{
"type": "WEB",
"url": "https://www.nomachine.com/SU08O00185"
},
{
"type": "WEB",
"url": "https://www.tenable.com/security/tns-2019-09"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/8409e41a8f7dd9ded37141c38df001be930115428c3d64f70bbdb8b4@%3Cdev.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2017/dsa-3896"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/99135"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1038711"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
var-201706-0272
Vulnerability from variot
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. Apache httpd Contains an authentication vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Apache HTTP Server is prone to an authentication bypass vulnerability. An attacker can exploit this issue to bypass authentication mechanism and perform unauthorized actions. This may lead to further attacks. The following versions are vulnerable: Apache HTTP Server 2.2.0 to 2.2.32 Apache HTTP Server 2.4.0 to 2.4.25. ========================================================================== Ubuntu Security Notice USN-3373-1 July 31, 2017
apache2 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in Apache HTTP Server. This update adds a new ap_get_basic_auth_components() function for use by third-party modules. (CVE-2017-3167)
Vasileios Panopoulos discovered that the Apache mod_ssl module may crash when third-party modules call ap_hook_process_connection() during an HTTP request to an HTTPS port. (CVE-2017-3169)
Javier JimA(c)nez discovered that the Apache HTTP Server incorrectly handled parsing certain requests. (CVE-2017-7679)
David Dennerline and RA(c)gis Leroy discovered that the Apache HTTP Server incorrectly handled unusual whitespace when parsing requests, contrary to specifications. This update may introduce compatibility issues with clients that do not strictly follow HTTP protocol specifications. A new configuration option "HttpProtocolOptions Unsafe" can be used to revert to the previous unsafe behaviour in problematic environments. (CVE-2016-8743)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 ESM: A apache2.2-binA A A A A A A A A A A A A A A A A A A 2.2.22-1ubuntu1.12
In general, a standard system update will make all the necessary changes. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201710-32
https://security.gentoo.org/
Severity: Normal Title: Apache: Multiple vulnerabilities Date: October 29, 2017 Bugs: #622240, #624868, #631308 ID: 201710-32
Synopsis
Multiple vulnerabilities have been found in Apache, the worst of which may result in the loss of secrets.
Affected packages
-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-servers/apache < 2.4.27-r1 >= 2.4.27-r1
Description
Multiple vulnerabilities have been discovered in Apache. Please review the referenced CVE identifiers for details.
Impact
The Optionsbleed vulnerability can leak arbitrary memory from the server process that may contain secrets.
Workaround
There is no known workaround at this time.
Resolution
All Apache users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-servers/apache-2.4.27-r1"
References
[ 1 ] CVE-2017-3167 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3167 [ 2 ] CVE-2017-3169 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3169 [ 3 ] CVE-2017-7659 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7659 [ 4 ] CVE-2017-7668 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7668 [ 5 ] CVE-2017-7679 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7679 [ 6 ] CVE-2017-9788 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9788 [ 7 ] CVE-2017-9789 https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9789 [ 8 ] CVE-2017-9798 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201710-32
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5 . This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 3 serves as an update to Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2, and includes bug fixes, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
- An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak. JIRA issues fixed (https://issues.jboss.org/):
JBCS-403 - Errata for httpd 2.4.23.SP3 RHEL6
- -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: httpd24-httpd security update Advisory ID: RHSA-2017:2483-01 Product: Red Hat Software Collections Advisory URL: https://access.redhat.com/errata/RHSA-2017:2483 Issue date: 2017-08-16 CVE Names: CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 =====================================================================
- Summary:
An update for httpd24-httpd is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
- Relevant releases/architectures:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - noarch, x86_64 Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64
Security Fix(es):
-
It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain headers related to digest authentication. A remote attacker could possibly use this flaw to disclose potentially sensitive information or cause httpd child process to crash by sending specially crafted requests to a server. (CVE-2017-3167)
-
A NULL pointer dereference flaw was found in the httpd's mod_ssl module. A remote attacker could use this flaw to cause an httpd child process to crash if another module used by httpd called a certain API function during the processing of an HTTPS request. (CVE-2017-3169)
-
A NULL pointer dereference flaw was found in the mod_http2 module of httpd. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP/2 request. (CVE-2017-7659)
-
A buffer over-read flaw was found in the httpd's ap_find_token() function. A remote attacker could use this flaw to cause httpd child process to crash via a specially crafted HTTP request. (CVE-2017-7668)
-
A buffer over-read flaw was found in the httpd's mod_mime module. A user permitted to modify httpd's MIME configuration could use this flaw to cause httpd child process to crash. (CVE-2017-7679)
-
Solution:
For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258
After installing the updated packages, the httpd daemon will be restarted automatically.
- Bugs fixed (https://bugzilla.redhat.com/):
1463194 - CVE-2017-3167 httpd: ap_get_basic_auth_pw() authentication bypass 1463197 - CVE-2017-3169 httpd: mod_ssl NULL pointer dereference 1463199 - CVE-2017-7659 httpd: mod_http2 NULL pointer dereference 1463205 - CVE-2017-7668 httpd: ap_find_token() buffer overread 1463207 - CVE-2017-7679 httpd: mod_mime buffer overread 1470748 - CVE-2017-9788 httpd: Uninitialized memory reflection in mod_auth_digest
- Package List:
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6):
Source: httpd24-httpd-2.4.25-9.el6.1.src.rpm
noarch: httpd24-httpd-manual-2.4.25-9.el6.1.noarch.rpm
x86_64: httpd24-httpd-2.4.25-9.el6.1.x86_64.rpm httpd24-httpd-debuginfo-2.4.25-9.el6.1.x86_64.rpm httpd24-httpd-devel-2.4.25-9.el6.1.x86_64.rpm httpd24-httpd-tools-2.4.25-9.el6.1.x86_64.rpm httpd24-mod_ldap-2.4.25-9.el6.1.x86_64.rpm httpd24-mod_proxy_html-2.4.25-9.el6.1.x86_64.rpm httpd24-mod_session-2.4.25-9.el6.1.x86_64.rpm httpd24-mod_ssl-2.4.25-9.el6.1.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7):
Source: httpd24-httpd-2.4.25-9.el6.1.src.rpm
noarch: httpd24-httpd-manual-2.4.25-9.el6.1.noarch.rpm
x86_64: httpd24-httpd-2.4.25-9.el6.1.x86_64.rpm httpd24-httpd-debuginfo-2.4.25-9.el6.1.x86_64.rpm httpd24-httpd-devel-2.4.25-9.el6.1.x86_64.rpm httpd24-httpd-tools-2.4.25-9.el6.1.x86_64.rpm httpd24-mod_ldap-2.4.25-9.el6.1.x86_64.rpm httpd24-mod_proxy_html-2.4.25-9.el6.1.x86_64.rpm httpd24-mod_session-2.4.25-9.el6.1.x86_64.rpm httpd24-mod_ssl-2.4.25-9.el6.1.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6):
Source: httpd24-httpd-2.4.25-9.el6.1.src.rpm
noarch: httpd24-httpd-manual-2.4.25-9.el6.1.noarch.rpm
x86_64: httpd24-httpd-2.4.25-9.el6.1.x86_64.rpm httpd24-httpd-debuginfo-2.4.25-9.el6.1.x86_64.rpm httpd24-httpd-devel-2.4.25-9.el6.1.x86_64.rpm httpd24-httpd-tools-2.4.25-9.el6.1.x86_64.rpm httpd24-mod_ldap-2.4.25-9.el6.1.x86_64.rpm httpd24-mod_proxy_html-2.4.25-9.el6.1.x86_64.rpm httpd24-mod_session-2.4.25-9.el6.1.x86_64.rpm httpd24-mod_ssl-2.4.25-9.el6.1.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):
Source: httpd24-httpd-2.4.25-9.el7.1.src.rpm
noarch: httpd24-httpd-manual-2.4.25-9.el7.1.noarch.rpm
x86_64: httpd24-httpd-2.4.25-9.el7.1.x86_64.rpm httpd24-httpd-debuginfo-2.4.25-9.el7.1.x86_64.rpm httpd24-httpd-devel-2.4.25-9.el7.1.x86_64.rpm httpd24-httpd-tools-2.4.25-9.el7.1.x86_64.rpm httpd24-mod_ldap-2.4.25-9.el7.1.x86_64.rpm httpd24-mod_proxy_html-2.4.25-9.el7.1.x86_64.rpm httpd24-mod_session-2.4.25-9.el7.1.x86_64.rpm httpd24-mod_ssl-2.4.25-9.el7.1.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3):
Source: httpd24-httpd-2.4.25-9.el7.1.src.rpm
noarch: httpd24-httpd-manual-2.4.25-9.el7.1.noarch.rpm
x86_64: httpd24-httpd-2.4.25-9.el7.1.x86_64.rpm httpd24-httpd-debuginfo-2.4.25-9.el7.1.x86_64.rpm httpd24-httpd-devel-2.4.25-9.el7.1.x86_64.rpm httpd24-httpd-tools-2.4.25-9.el7.1.x86_64.rpm httpd24-mod_ldap-2.4.25-9.el7.1.x86_64.rpm httpd24-mod_proxy_html-2.4.25-9.el7.1.x86_64.rpm httpd24-mod_session-2.4.25-9.el7.1.x86_64.rpm httpd24-mod_ssl-2.4.25-9.el7.1.x86_64.rpm
Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):
Source: httpd24-httpd-2.4.25-9.el7.1.src.rpm
noarch: httpd24-httpd-manual-2.4.25-9.el7.1.noarch.rpm
x86_64: httpd24-httpd-2.4.25-9.el7.1.x86_64.rpm httpd24-httpd-debuginfo-2.4.25-9.el7.1.x86_64.rpm httpd24-httpd-devel-2.4.25-9.el7.1.x86_64.rpm httpd24-httpd-tools-2.4.25-9.el7.1.x86_64.rpm httpd24-mod_ldap-2.4.25-9.el7.1.x86_64.rpm httpd24-mod_proxy_html-2.4.25-9.el7.1.x86_64.rpm httpd24-mod_session-2.4.25-9.el7.1.x86_64.rpm httpd24-mod_ssl-2.4.25-9.el7.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2017-3167 https://access.redhat.com/security/cve/CVE-2017-3169 https://access.redhat.com/security/cve/CVE-2017-7659 https://access.redhat.com/security/cve/CVE-2017-7668 https://access.redhat.com/security/cve/CVE-2017-7679 https://access.redhat.com/security/cve/CVE-2017-9788 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFZlNCpXlSAg2UNWIIRArzwAJwNfAuroR6X18rUh+zmjiMy5iBkdwCeJF6e 4v4GwWYC+5xG0xxXzTEQyAg= =UV+2 -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . Solution:
The References section of this erratum contains a download link (you must log in to download the update). Before applying the update, back up your existing Red Hat JBoss Web Server installation (including all applications and configuration files). 7.3) - ppc64, ppc64le, s390x, x86_64
-
(CVE-2017-7679)
-
A use-after-free flaw was found in the way httpd handled invalid and previously unregistered HTTP methods specified in the Limit directive used in an .htaccess file. (CVE-2017-9798)
Red Hat would like to thank Hanno BAPck for reporting CVE-2017-9798
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201706-0272",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "secure global desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "oracle",
"version": "5.3"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "oncommand unified manager",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "storagegrid",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.4.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "9.0"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "http server",
"scope": "gte",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.6"
},
{
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.4.26"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "debian",
"version": "8.0"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.4"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.7"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "clustered data ontap",
"scope": "eq",
"trust": 1.0,
"vendor": "netapp",
"version": null
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "jboss core services",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "1.0"
},
{
"model": "enterprise linux server aus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "mac os x",
"scope": "lt",
"trust": 1.0,
"vendor": "apple",
"version": "10.13.1"
},
{
"model": "http server",
"scope": "lt",
"trust": 1.0,
"vendor": "apache",
"version": "2.2.33"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.5"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "6.0"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.7"
},
{
"model": "enterprise linux eus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "enterprise linux server tus",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.3"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "jp1/automatic job management system 3",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- manager web console"
},
{
"model": "jp1/integrated management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- service support starter edition"
},
{
"model": "jp1/it desktop management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "2 - operations director"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- custom edition"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "(64)"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "express"
},
{
"model": "job management partner 1/integrated management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- service support"
},
{
"model": "web server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional for plug-in"
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- messaging"
},
{
"model": "jp1/integrated management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- service support advanced edition"
},
{
"model": "job management partner 1/it desktop management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "2 - smart device manager"
},
{
"model": "jp1/performance management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- web console"
},
{
"model": "ucosminexus developer standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "(64)"
},
{
"model": "httpd",
"scope": "eq",
"trust": 0.8,
"vendor": "apache",
"version": "2.4.26"
},
{
"model": "jp1/performance management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- manager"
},
{
"model": "jp1/it desktop management - manager",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/automatic operation",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "01"
},
{
"model": "job management partner 1/performance management - web console",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "job management partner 1/it desktop management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "2 - manager"
},
{
"model": "ucosminexus developer light",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "jp1/it desktop management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "2 - smart device manager"
},
{
"model": "application server for developers",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/integrated management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- service support"
},
{
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base"
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "st ard-r"
},
{
"model": "ucosminexus primary server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "base(64)"
},
{
"model": "job management partner 1/integrated management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- service support advanced edition"
},
{
"model": "ucosminexus service platform",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "httpd",
"scope": "eq",
"trust": 0.8,
"vendor": "apache",
"version": "2.2.33"
},
{
"model": "it operations director",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/service support",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "jp1/operations analytics",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/service support",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "starter edition"
},
{
"model": "cosminexus http server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "-r"
},
{
"model": "jp1/it desktop management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "2 - manager"
},
{
"model": "job management partner 1/it desktop management - manager",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus service architect",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "ucosminexus application server enterprise",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "jp1/performance management",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- manager web console"
},
{
"model": "spoolserver/winspool series",
"scope": "eq",
"trust": 0.8,
"vendor": "nec",
"version": "reportfiling ver5.2 ~ 6.2"
},
{
"model": "ucosminexus application server standard",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "web server",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "- security edition"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "professional"
},
{
"model": "httpd",
"scope": "lt",
"trust": 0.8,
"vendor": "apache",
"version": "2.2.x"
},
{
"model": "ucosminexus developer",
"scope": "eq",
"trust": 0.8,
"vendor": "hitachi",
"version": "none"
},
{
"model": "ucosminexus application server smart edition",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "application server",
"scope": null,
"trust": 0.8,
"vendor": "hitachi",
"version": null
},
{
"model": "httpd",
"scope": "lt",
"trust": 0.8,
"vendor": "apache",
"version": "2.4.x"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "17.04"
},
{
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "16.10"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "16.04"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "14.04"
},
{
"model": "software collections for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "0"
},
{
"model": "jboss web server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "0"
},
{
"model": "jboss ews",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "2"
},
{
"model": "jboss eap",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "jboss core services",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "1"
},
{
"model": "enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux hpc node optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux desktop optional",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5.0"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.1"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.3"
},
{
"model": "i",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.52"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.52"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.09"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.033"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.029"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.11"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.9"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.8"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.7"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.11"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.10"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.7"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.6"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.4"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.3"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.2"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.13"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.12"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.11"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.1"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.4.27"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.5"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.43"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.39"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.27"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.25"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.21"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.19"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.17"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.15"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.13"
},
{
"model": "http server",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0"
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.25"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.20"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.19"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.18"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.17"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.16"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.14"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.12"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.11"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.10"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.4"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.26"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.25"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.24"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.23"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.15"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.14"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.13"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.12"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.11"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.10"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.2"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.3"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.24"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.2"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.13"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.1"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.0"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.32"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.29"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.22"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.21"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.20"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.19"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.18"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.17"
},
{
"model": "apache",
"scope": "eq",
"trust": 0.3,
"vendor": "apache",
"version": "2.2.1"
},
{
"model": "http server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "9.0.0.5"
},
{
"model": "http server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.5.5.12"
},
{
"model": "http server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "8.0.0.14"
},
{
"model": "http server",
"scope": "ne",
"trust": 0.3,
"vendor": "ibm",
"version": "7.0.0.45"
},
{
"model": "apache",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": "2.4.26"
},
{
"model": "2.2.33-dev",
"scope": "ne",
"trust": 0.3,
"vendor": "apache",
"version": null
}
],
"sources": [
{
"db": "BID",
"id": "99135"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005023"
},
{
"db": "NVD",
"id": "CVE-2017-3167"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.33",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.4.26",
"versionStartIncluding": "2.4.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.13.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:secure_global_desktop:5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3167"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "145457"
},
{
"db": "PACKETSTORM",
"id": "143785"
},
{
"db": "PACKETSTORM",
"id": "145455"
},
{
"db": "PACKETSTORM",
"id": "144968"
}
],
"trust": 0.4
},
"cve": "CVE-2017-3167",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": true,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2017-3167",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2017-3167",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2017-3167",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "VULMON",
"id": "CVE-2017-3167",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-3167"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005023"
},
{
"db": "NVD",
"id": "CVE-2017-3167"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed. Apache httpd Contains an authentication vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Apache HTTP Server is prone to an authentication bypass vulnerability. \nAn attacker can exploit this issue to bypass authentication mechanism and perform unauthorized actions. This may lead to further attacks. \nThe following versions are vulnerable:\nApache HTTP Server 2.2.0 to 2.2.32\nApache HTTP Server 2.4.0 to 2.4.25. ==========================================================================\nUbuntu Security Notice USN-3373-1\nJuly 31, 2017\n\napache2 vulnerabilities\n==========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 12.04 ESM\n\nSummary:\n\nSeveral security issues were fixed in Apache HTTP Server. This update adds a\nnew ap_get_basic_auth_components() function for use by third-party\nmodules. (CVE-2017-3167)\n\nVasileios Panopoulos discovered that the Apache mod_ssl module may\ncrash when third-party modules call ap_hook_process_connection() during\nan HTTP request to an HTTPS port. (CVE-2017-3169)\n\nJavier JimA(c)nez discovered that the Apache HTTP Server incorrectly\nhandled parsing certain requests. (CVE-2017-7679)\n\nDavid Dennerline and RA(c)gis Leroy discovered that the Apache HTTP Server\nincorrectly handled unusual whitespace when parsing requests, contrary\nto specifications. This update may\nintroduce compatibility issues with clients that do not strictly follow\nHTTP protocol specifications. A new configuration option\n\"HttpProtocolOptions Unsafe\" can be used to revert to the previous\nunsafe behaviour in problematic environments. (CVE-2016-8743)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 12.04 ESM:\nA apache2.2-binA A A A A A A A A A A A A A A A A A A 2.2.22-1ubuntu1.12\n\nIn general, a standard system update will make all the necessary\nchanges. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nGentoo Linux Security Advisory GLSA 201710-32\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n https://security.gentoo.org/\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\n Severity: Normal\n Title: Apache: Multiple vulnerabilities\n Date: October 29, 2017\n Bugs: #622240, #624868, #631308\n ID: 201710-32\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\n\nSynopsis\n========\n\nMultiple vulnerabilities have been found in Apache, the worst of which\nmay result in the loss of secrets. \n\nAffected packages\n=================\n\n -------------------------------------------------------------------\n Package / Vulnerable / Unaffected\n -------------------------------------------------------------------\n 1 www-servers/apache \u003c 2.4.27-r1 \u003e= 2.4.27-r1 \n\nDescription\n===========\n\nMultiple vulnerabilities have been discovered in Apache. Please review\nthe referenced CVE identifiers for details. \n\nImpact\n======\n\nThe Optionsbleed vulnerability can leak arbitrary memory from the\nserver process that may contain secrets. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Apache users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=www-servers/apache-2.4.27-r1\"\n\nReferences\n==========\n\n[ 1 ] CVE-2017-3167\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3167\n[ 2 ] CVE-2017-3169\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-3169\n[ 3 ] CVE-2017-7659\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7659\n[ 4 ] CVE-2017-7668\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7668\n[ 5 ] CVE-2017-7679\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-7679\n[ 6 ] CVE-2017-9788\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9788\n[ 7 ] CVE-2017-9789\n https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9789\n[ 8 ] CVE-2017-9798\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201710-32\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2017 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n. This software, such as Apache HTTP Server, is\ncommon to multiple JBoss middleware products, and is packaged under Red Hat\nJBoss Core Services to allow for faster distribution of updates, and for a\nmore consistent update experience. \n\nThis release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23\nService Pack 3 serves as an update to Red Hat JBoss Core Services Apache\nHTTP Server 2.4.23 Service Pack 2, and includes bug fixes, which are\ndocumented in the Release Notes document linked to in the References. \n\nSecurity Fix(es):\n\n* An out-of-bounds array dereference was found in apr_time_exp_get(). An\nattacker could abuse an unvalidated usage of this function to cause a\ndenial of service or potentially lead to data leak. JIRA issues fixed (https://issues.jboss.org/):\n\nJBCS-403 - Errata for httpd 2.4.23.SP3 RHEL6\n\n7. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: httpd24-httpd security update\nAdvisory ID: RHSA-2017:2483-01\nProduct: Red Hat Software Collections\nAdvisory URL: https://access.redhat.com/errata/RHSA-2017:2483\nIssue date: 2017-08-16\nCVE Names: CVE-2017-3167 CVE-2017-3169 CVE-2017-7659 \n CVE-2017-7668 CVE-2017-7679 CVE-2017-9788 \n=====================================================================\n\n1. Summary:\n\nAn update for httpd24-httpd is now available for Red Hat Software\nCollections. \n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - noarch, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - noarch, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3) - noarch, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - noarch, x86_64\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64\n\n3. \n\nSecurity Fix(es):\n\n* It was discovered that the httpd\u0027s mod_auth_digest module did not\nproperly initialize memory before using it when processing certain headers\nrelated to digest authentication. A remote attacker could possibly use this\nflaw to disclose potentially sensitive information or cause httpd child\nprocess to crash by sending specially crafted requests to a server. (CVE-2017-3167)\n\n* A NULL pointer dereference flaw was found in the httpd\u0027s mod_ssl module. \nA remote attacker could use this flaw to cause an httpd child process to\ncrash if another module used by httpd called a certain API function during\nthe processing of an HTTPS request. (CVE-2017-3169)\n\n* A NULL pointer dereference flaw was found in the mod_http2 module of\nhttpd. A remote attacker could use this flaw to cause httpd child process\nto crash via a specially crafted HTTP/2 request. (CVE-2017-7659)\n\n* A buffer over-read flaw was found in the httpd\u0027s ap_find_token()\nfunction. A remote attacker could use this flaw to cause httpd child\nprocess to crash via a specially crafted HTTP request. (CVE-2017-7668)\n\n* A buffer over-read flaw was found in the httpd\u0027s mod_mime module. A user\npermitted to modify httpd\u0027s MIME configuration could use this flaw to cause\nhttpd child process to crash. (CVE-2017-7679)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon will be restarted\nautomatically. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1463194 - CVE-2017-3167 httpd: ap_get_basic_auth_pw() authentication bypass\n1463197 - CVE-2017-3169 httpd: mod_ssl NULL pointer dereference\n1463199 - CVE-2017-7659 httpd: mod_http2 NULL pointer dereference\n1463205 - CVE-2017-7668 httpd: ap_find_token() buffer overread\n1463207 - CVE-2017-7679 httpd: mod_mime buffer overread\n1470748 - CVE-2017-9788 httpd: Uninitialized memory reflection in mod_auth_digest\n\n6. Package List:\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 6):\n\nSource:\nhttpd24-httpd-2.4.25-9.el6.1.src.rpm\n\nnoarch:\nhttpd24-httpd-manual-2.4.25-9.el6.1.noarch.rpm\n\nx86_64:\nhttpd24-httpd-2.4.25-9.el6.1.x86_64.rpm\nhttpd24-httpd-debuginfo-2.4.25-9.el6.1.x86_64.rpm\nhttpd24-httpd-devel-2.4.25-9.el6.1.x86_64.rpm\nhttpd24-httpd-tools-2.4.25-9.el6.1.x86_64.rpm\nhttpd24-mod_ldap-2.4.25-9.el6.1.x86_64.rpm\nhttpd24-mod_proxy_html-2.4.25-9.el6.1.x86_64.rpm\nhttpd24-mod_session-2.4.25-9.el6.1.x86_64.rpm\nhttpd24-mod_ssl-2.4.25-9.el6.1.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7):\n\nSource:\nhttpd24-httpd-2.4.25-9.el6.1.src.rpm\n\nnoarch:\nhttpd24-httpd-manual-2.4.25-9.el6.1.noarch.rpm\n\nx86_64:\nhttpd24-httpd-2.4.25-9.el6.1.x86_64.rpm\nhttpd24-httpd-debuginfo-2.4.25-9.el6.1.x86_64.rpm\nhttpd24-httpd-devel-2.4.25-9.el6.1.x86_64.rpm\nhttpd24-httpd-tools-2.4.25-9.el6.1.x86_64.rpm\nhttpd24-mod_ldap-2.4.25-9.el6.1.x86_64.rpm\nhttpd24-mod_proxy_html-2.4.25-9.el6.1.x86_64.rpm\nhttpd24-mod_session-2.4.25-9.el6.1.x86_64.rpm\nhttpd24-mod_ssl-2.4.25-9.el6.1.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6):\n\nSource:\nhttpd24-httpd-2.4.25-9.el6.1.src.rpm\n\nnoarch:\nhttpd24-httpd-manual-2.4.25-9.el6.1.noarch.rpm\n\nx86_64:\nhttpd24-httpd-2.4.25-9.el6.1.x86_64.rpm\nhttpd24-httpd-debuginfo-2.4.25-9.el6.1.x86_64.rpm\nhttpd24-httpd-devel-2.4.25-9.el6.1.x86_64.rpm\nhttpd24-httpd-tools-2.4.25-9.el6.1.x86_64.rpm\nhttpd24-mod_ldap-2.4.25-9.el6.1.x86_64.rpm\nhttpd24-mod_proxy_html-2.4.25-9.el6.1.x86_64.rpm\nhttpd24-mod_session-2.4.25-9.el6.1.x86_64.rpm\nhttpd24-mod_ssl-2.4.25-9.el6.1.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):\n\nSource:\nhttpd24-httpd-2.4.25-9.el7.1.src.rpm\n\nnoarch:\nhttpd24-httpd-manual-2.4.25-9.el7.1.noarch.rpm\n\nx86_64:\nhttpd24-httpd-2.4.25-9.el7.1.x86_64.rpm\nhttpd24-httpd-debuginfo-2.4.25-9.el7.1.x86_64.rpm\nhttpd24-httpd-devel-2.4.25-9.el7.1.x86_64.rpm\nhttpd24-httpd-tools-2.4.25-9.el7.1.x86_64.rpm\nhttpd24-mod_ldap-2.4.25-9.el7.1.x86_64.rpm\nhttpd24-mod_proxy_html-2.4.25-9.el7.1.x86_64.rpm\nhttpd24-mod_session-2.4.25-9.el7.1.x86_64.rpm\nhttpd24-mod_ssl-2.4.25-9.el7.1.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3):\n\nSource:\nhttpd24-httpd-2.4.25-9.el7.1.src.rpm\n\nnoarch:\nhttpd24-httpd-manual-2.4.25-9.el7.1.noarch.rpm\n\nx86_64:\nhttpd24-httpd-2.4.25-9.el7.1.x86_64.rpm\nhttpd24-httpd-debuginfo-2.4.25-9.el7.1.x86_64.rpm\nhttpd24-httpd-devel-2.4.25-9.el7.1.x86_64.rpm\nhttpd24-httpd-tools-2.4.25-9.el7.1.x86_64.rpm\nhttpd24-mod_ldap-2.4.25-9.el7.1.x86_64.rpm\nhttpd24-mod_proxy_html-2.4.25-9.el7.1.x86_64.rpm\nhttpd24-mod_session-2.4.25-9.el7.1.x86_64.rpm\nhttpd24-mod_ssl-2.4.25-9.el7.1.x86_64.rpm\n\nRed Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nhttpd24-httpd-2.4.25-9.el7.1.src.rpm\n\nnoarch:\nhttpd24-httpd-manual-2.4.25-9.el7.1.noarch.rpm\n\nx86_64:\nhttpd24-httpd-2.4.25-9.el7.1.x86_64.rpm\nhttpd24-httpd-debuginfo-2.4.25-9.el7.1.x86_64.rpm\nhttpd24-httpd-devel-2.4.25-9.el7.1.x86_64.rpm\nhttpd24-httpd-tools-2.4.25-9.el7.1.x86_64.rpm\nhttpd24-mod_ldap-2.4.25-9.el7.1.x86_64.rpm\nhttpd24-mod_proxy_html-2.4.25-9.el7.1.x86_64.rpm\nhttpd24-mod_session-2.4.25-9.el7.1.x86_64.rpm\nhttpd24-mod_ssl-2.4.25-9.el7.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-3167\nhttps://access.redhat.com/security/cve/CVE-2017-3169\nhttps://access.redhat.com/security/cve/CVE-2017-7659\nhttps://access.redhat.com/security/cve/CVE-2017-7668\nhttps://access.redhat.com/security/cve/CVE-2017-7679\nhttps://access.redhat.com/security/cve/CVE-2017-9788\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFZlNCpXlSAg2UNWIIRArzwAJwNfAuroR6X18rUh+zmjiMy5iBkdwCeJF6e\n4v4GwWYC+5xG0xxXzTEQyAg=\n=UV+2\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. Solution:\n\nThe References section of this erratum contains a download link (you must\nlog in to download the update). Before applying the update, back up your\nexisting Red Hat JBoss Web Server installation (including all applications\nand configuration files). 7.3) - ppc64, ppc64le, s390x, x86_64\n\n3. (CVE-2017-7679)\n\n* A use-after-free flaw was found in the way httpd handled invalid and\npreviously unregistered HTTP methods specified in the Limit directive used\nin an .htaccess file. (CVE-2017-9798)\n\nRed Hat would like to thank Hanno BAPck for reporting CVE-2017-9798",
"sources": [
{
"db": "NVD",
"id": "CVE-2017-3167"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005023"
},
{
"db": "BID",
"id": "99135"
},
{
"db": "VULMON",
"id": "CVE-2017-3167"
},
{
"db": "PACKETSTORM",
"id": "143146"
},
{
"db": "PACKETSTORM",
"id": "143561"
},
{
"db": "PACKETSTORM",
"id": "144791"
},
{
"db": "PACKETSTORM",
"id": "145457"
},
{
"db": "PACKETSTORM",
"id": "143785"
},
{
"db": "PACKETSTORM",
"id": "145455"
},
{
"db": "PACKETSTORM",
"id": "144968"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2017-3167",
"trust": 2.9
},
{
"db": "BID",
"id": "99135",
"trust": 1.3
},
{
"db": "SECTRACK",
"id": "1038711",
"trust": 1.0
},
{
"db": "TENABLE",
"id": "TNS-2019-09",
"trust": 1.0
},
{
"db": "JVN",
"id": "JVNVU98416507",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005023",
"trust": 0.8
},
{
"db": "VULMON",
"id": "CVE-2017-3167",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143146",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143561",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144791",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145457",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "143785",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "145455",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "144968",
"trust": 0.1
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-3167"
},
{
"db": "BID",
"id": "99135"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005023"
},
{
"db": "PACKETSTORM",
"id": "143146"
},
{
"db": "PACKETSTORM",
"id": "143561"
},
{
"db": "PACKETSTORM",
"id": "144791"
},
{
"db": "PACKETSTORM",
"id": "145457"
},
{
"db": "PACKETSTORM",
"id": "143785"
},
{
"db": "PACKETSTORM",
"id": "145455"
},
{
"db": "PACKETSTORM",
"id": "144968"
},
{
"db": "NVD",
"id": "CVE-2017-3167"
}
]
},
"id": "VAR-201706-0272",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.24902778333333334
},
"last_update_date": "2024-07-23T19:28:16.122000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "hitachi-sec-2017-123",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-123/index.html"
},
{
"title": "hitachi-sec-2018-103",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/global/security/info/vuls/hitachi-sec-2018-103/index.html"
},
{
"title": "NV17-014",
"trust": 0.8,
"url": "http://jpn.nec.com/security-info/secinfo/nv17-014.html"
},
{
"title": "CVE-2017-3167: ap_get_basic_auth_pw authentication bypass",
"trust": 0.8,
"url": "https://lists.apache.org/thread.html/8409e41a8f7dd9ded37141c38df001be930115428c3d64f70bbdb8b4@%3cdev.httpd.apache.org%3e"
},
{
"title": "hitachi-sec-2017-123",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hitachi-sec-2017-123/index.html"
},
{
"title": "hitachi-sec-2018-103",
"trust": 0.8,
"url": "http://www.hitachi.co.jp/prod/comp/soft1/security/info/vuls/hitachi-sec-2018-103/index.html"
},
{
"title": "Red Hat: Important: httpd security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20173194 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20173476 - security advisory"
},
{
"title": "Red Hat: Important: httpd security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20173193 - security advisory"
},
{
"title": "Red Hat: Important: httpd security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20173195 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20173475 - security advisory"
},
{
"title": "Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_security_advisories\u0026qid=rhsa-20173477 - security advisory"
},
{
"title": "Red Hat: CVE-2017-3167",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2017-3167"
},
{
"title": "Ubuntu Security Notice: apache2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3340-1"
},
{
"title": "Arch Linux Issues: ",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues\u0026qid=cve-2017-3167"
},
{
"title": "Ubuntu Security Notice: apache2 vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3373-1"
},
{
"title": "Debian Security Advisories: DSA-3896-1 apache2 -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=a100e91e6529637522c4f74492953f8c"
},
{
"title": "Amazon Linux AMI: ALAS-2017-892",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2017-892"
},
{
"title": "Arch Linux Advisories: [ASA-201706-34] apache: multiple issues",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories\u0026qid=asa-201706-34"
},
{
"title": "Amazon Linux AMI: ALAS-2017-863",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2017-863"
},
{
"title": "Symantec Security Advisories: SA154: Apache httpd Vulnerabilities June 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories\u0026qid=6f891c1513dfb5c26769ed38bcac6e4f"
},
{
"title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a22ad41e97bbfc5abb0bb927bf43089c"
},
{
"title": "Tenable Security Advisories: [R1] Tenable.sc 5.13.0 Fixes Multiple Third-Party Vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=tenable_security_advisories\u0026qid=tns-2019-09"
},
{
"title": "Oracle Linux Bulletins: Oracle Linux Bulletin - July 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=549dc795290b298746065b62b4bb7928"
},
{
"title": "Oracle: Oracle Critical Patch Update Advisory - October 2017",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=523d3f220a64ff01dd95e064bd37566a"
},
{
"title": "Final-Project",
"trust": 0.1,
"url": "https://github.com/jason134526/final-project "
},
{
"title": "Cyber-Security-Final-Project",
"trust": 0.1,
"url": "https://github.com/jklinges14/cyber-security-final-project "
},
{
"title": "GyoiThon",
"trust": 0.1,
"url": "https://github.com/gyoisamurai/gyoithon "
},
{
"title": "nrich",
"trust": 0.1,
"url": "https://github.com/retr0-13/nrich "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/rosesecurity-research/red-teaming-ttps "
},
{
"title": "Red-Teaming-TTPs",
"trust": 0.1,
"url": "https://github.com/rosesecurity/red-teaming-ttps "
},
{
"title": "Shodan-nrich",
"trust": 0.1,
"url": "https://github.com/pawankumarpandit/shodan-nrich "
},
{
"title": "DC-3-Vulnhub-Walkthrough",
"trust": 0.1,
"url": "https://github.com/vshaliii/dc-3-vulnhub-walkthrough "
},
{
"title": "DC-1-Vulnhub-Walkthrough",
"trust": 0.1,
"url": "https://github.com/vshaliii/dc-1-vulnhub-walkthrough "
},
{
"title": "DC-2-Vulnhub-Walkthrough",
"trust": 0.1,
"url": "https://github.com/vshaliii/dc-2-vulnhub-walkthrough "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/hrbrmstr/internetdb "
},
{
"title": "",
"trust": 0.1,
"url": "https://github.com/secureaxom/strike "
},
{
"title": "pigat",
"trust": 0.1,
"url": "https://github.com/syadg123/pigat "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2017-3167"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005023"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-287",
"trust": 1.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005023"
},
{
"db": "NVD",
"id": "CVE-2017-3167"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3167"
},
{
"trust": 1.1,
"url": "https://security.gentoo.org/glsa/201710-32"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2017:3477"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2017:2483"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2017:3475"
},
{
"trust": 1.1,
"url": "https://access.redhat.com/errata/rhsa-2017:3194"
},
{
"trust": 1.0,
"url": "http://www.debian.org/security/2017/dsa-3896"
},
{
"trust": 1.0,
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"trust": 1.0,
"url": "http://www.securityfocus.com/bid/99135"
},
{
"trust": 1.0,
"url": "http://www.securitytracker.com/id/1038711"
},
{
"trust": 1.0,
"url": "https://access.redhat.com/errata/rhsa-2017:2478"
},
{
"trust": 1.0,
"url": "https://access.redhat.com/errata/rhsa-2017:2479"
},
{
"trust": 1.0,
"url": "https://access.redhat.com/errata/rhsa-2017:3193"
},
{
"trust": 1.0,
"url": "https://access.redhat.com/errata/rhsa-2017:3195"
},
{
"trust": 1.0,
"url": "https://access.redhat.com/errata/rhsa-2017:3476"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/8409e41a8f7dd9ded37141c38df001be930115428c3d64f70bbdb8b4%40%3cdev.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3ccvs.httpd.apache.org%3e"
},
{
"trust": 1.0,
"url": "https://security.netapp.com/advisory/ntap-20180601-0002/"
},
{
"trust": 1.0,
"url": "https://support.apple.com/ht208221"
},
{
"trust": 1.0,
"url": "https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbux03908en_us"
},
{
"trust": 1.0,
"url": "https://www.nomachine.com/su08o00185"
},
{
"trust": 1.0,
"url": "https://www.tenable.com/security/tns-2019-09"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-3167"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu98416507/"
},
{
"trust": 0.7,
"url": "https://access.redhat.com/security/cve/cve-2017-3167"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7679"
},
{
"trust": 0.7,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-3169"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7668"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-7679"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2017-3169"
},
{
"trust": 0.4,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.3,
"url": "http://httpd.apache.org/"
},
{
"trust": 0.3,
"url": "https://httpd.apache.org/security/vulnerabilities_22.html"
},
{
"trust": 0.3,
"url": "https://httpd.apache.org/security/vulnerabilities_24.html"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg24043880"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=nas8n1022204"
},
{
"trust": 0.3,
"url": "http://www-01.ibm.com/support/docview.wss?uid=swg22005280"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9788"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/cve/cve-2017-9798"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9798"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-7659"
},
{
"trust": 0.2,
"url": "https://issues.jboss.org/):"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/documentation/en/red-hat-jboss-core-services/"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-12613"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-12613"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-9788"
},
{
"trust": 0.2,
"url": "https://access.redhat.com/security/cve/cve-2017-7668"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/apache2/2.4.7-1ubuntu4.16"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/apache2/2.4.18-2ubuntu4.2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/apache2/2.4.25-3ubuntu2.1"
},
{
"trust": 0.1,
"url": "https://www.ubuntu.com/usn/usn-3340-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/apache2/2.4.18-2ubuntu3.3"
},
{
"trust": 0.1,
"url": "https://www.ubuntu.com/usn/usn-3373-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-8743"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-7668"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-3167"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9798"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-7679"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-9789"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-7659"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-3169"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-9788"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/nvd.cfm?cvename=cve-2017-9789"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://access.redhat.com/security/cve/cve-2017-7659"
},
{
"trust": 0.1,
"url": "https://access.redhat.com/jbossnetwork/restricted/listsoftware.html?product=core.service.apachehttp\u0026downloadtype=securitypatches\u0026version=2.4.23"
}
],
"sources": [
{
"db": "BID",
"id": "99135"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005023"
},
{
"db": "PACKETSTORM",
"id": "143146"
},
{
"db": "PACKETSTORM",
"id": "143561"
},
{
"db": "PACKETSTORM",
"id": "144791"
},
{
"db": "PACKETSTORM",
"id": "145457"
},
{
"db": "PACKETSTORM",
"id": "143785"
},
{
"db": "PACKETSTORM",
"id": "145455"
},
{
"db": "PACKETSTORM",
"id": "144968"
},
{
"db": "NVD",
"id": "CVE-2017-3167"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULMON",
"id": "CVE-2017-3167"
},
{
"db": "BID",
"id": "99135"
},
{
"db": "JVNDB",
"id": "JVNDB-2017-005023"
},
{
"db": "PACKETSTORM",
"id": "143146"
},
{
"db": "PACKETSTORM",
"id": "143561"
},
{
"db": "PACKETSTORM",
"id": "144791"
},
{
"db": "PACKETSTORM",
"id": "145457"
},
{
"db": "PACKETSTORM",
"id": "143785"
},
{
"db": "PACKETSTORM",
"id": "145455"
},
{
"db": "PACKETSTORM",
"id": "144968"
},
{
"db": "NVD",
"id": "CVE-2017-3167"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2017-06-20T00:00:00",
"db": "VULMON",
"id": "CVE-2017-3167"
},
{
"date": "2017-06-19T00:00:00",
"db": "BID",
"id": "99135"
},
{
"date": "2017-07-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005023"
},
{
"date": "2017-06-26T23:34:52",
"db": "PACKETSTORM",
"id": "143146"
},
{
"date": "2017-07-31T18:22:22",
"db": "PACKETSTORM",
"id": "143561"
},
{
"date": "2017-10-30T15:38:41",
"db": "PACKETSTORM",
"id": "144791"
},
{
"date": "2017-12-17T15:29:14",
"db": "PACKETSTORM",
"id": "145457"
},
{
"date": "2017-08-16T23:35:53",
"db": "PACKETSTORM",
"id": "143785"
},
{
"date": "2017-12-17T15:27:58",
"db": "PACKETSTORM",
"id": "145455"
},
{
"date": "2017-11-14T04:32:05",
"db": "PACKETSTORM",
"id": "144968"
},
{
"date": "2017-06-20T01:29:00.330000",
"db": "NVD",
"id": "CVE-2017-3167"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2023-11-07T00:00:00",
"db": "VULMON",
"id": "CVE-2017-3167"
},
{
"date": "2017-08-16T08:10:00",
"db": "BID",
"id": "99135"
},
{
"date": "2018-02-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2017-005023"
},
{
"date": "2023-11-07T02:44:04.490000",
"db": "NVD",
"id": "CVE-2017-3167"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "network",
"sources": [
{
"db": "BID",
"id": "99135"
}
],
"trust": 0.3
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Apache httpd Vulnerabilities in authentication",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2017-005023"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Design Error",
"sources": [
{
"db": "BID",
"id": "99135"
}
],
"trust": 0.3
}
}
gsd-2017-3167
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2017-3167",
"description": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.",
"id": "GSD-2017-3167",
"references": [
"https://www.suse.com/security/cve/CVE-2017-3167.html",
"https://www.debian.org/security/2017/dsa-3896",
"https://access.redhat.com/errata/RHSA-2017:3477",
"https://access.redhat.com/errata/RHSA-2017:3476",
"https://access.redhat.com/errata/RHSA-2017:3475",
"https://access.redhat.com/errata/RHSA-2017:3195",
"https://access.redhat.com/errata/RHSA-2017:3194",
"https://access.redhat.com/errata/RHSA-2017:3193",
"https://access.redhat.com/errata/RHSA-2017:2483",
"https://access.redhat.com/errata/RHSA-2017:2479",
"https://access.redhat.com/errata/RHSA-2017:2478",
"https://ubuntu.com/security/CVE-2017-3167",
"https://advisories.mageia.org/CVE-2017-3167.html",
"https://security.archlinux.org/CVE-2017-3167",
"https://alas.aws.amazon.com/cve/html/CVE-2017-3167.html",
"https://linux.oracle.com/cve/CVE-2017-3167.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2017-3167"
],
"details": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed.",
"id": "GSD-2017-3167",
"modified": "2023-12-13T01:21:16.600240Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2017-3167",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Apache HTTP Server",
"version": {
"version_data": [
{
"version_value": "2.2.0 to 2.2.32"
},
{
"version_value": "2.4.0 to 2.4.25"
}
]
}
}
]
},
"vendor_name": "Apache Software Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authentication Bypass (CWE-287)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://support.apple.com/HT208221",
"refsource": "CONFIRM",
"url": "https://support.apple.com/HT208221"
},
{
"name": "RHSA-2017:2479",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
},
{
"name": "RHSA-2017:2483",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180601-0002/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180601-0002/"
},
{
"name": "https://www.nomachine.com/SU08O00185",
"refsource": "CONFIRM",
"url": "https://www.nomachine.com/SU08O00185"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us"
},
{
"name": "RHSA-2017:3475",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
},
{
"name": "99135",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/99135"
},
{
"name": "RHSA-2017:3195",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "RHSA-2017:3476",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
},
{
"name": "[dev] 20170619 CVE-2017-3167: ap_get_basic_auth_pw authentication bypass",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/8409e41a8f7dd9ded37141c38df001be930115428c3d64f70bbdb8b4@%3Cdev.httpd.apache.org%3E"
},
{
"name": "RHSA-2017:3477",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
},
{
"name": "DSA-3896",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2017/dsa-3896"
},
{
"name": "RHSA-2017:3194",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"name": "RHSA-2017:3193",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"name": "1038711",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038711"
},
{
"name": "GLSA-201710-32",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201710-32"
},
{
"name": "RHSA-2017:2478",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "https://www.tenable.com/security/tns-2019-09",
"refsource": "CONFIRM",
"url": "https://www.tenable.com/security/tns-2019-09"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [10/13] - /httpd/site/trunk/content/security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [10/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [11/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.2.33",
"versionStartIncluding": "2.2.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:apache:http_server:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.4.26",
"versionStartIncluding": "2.4.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:7-mode:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_core_services:1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "10.13.1",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:secure_global_desktop:5.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@apache.org",
"ID": "CVE-2017-3167"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the ap_get_basic_auth_pw() by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[dev] 20170619 CVE-2017-3167: ap_get_basic_auth_pw authentication bypass",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Patch",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/8409e41a8f7dd9ded37141c38df001be930115428c3d64f70bbdb8b4@%3Cdev.httpd.apache.org%3E"
},
{
"name": "99135",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/99135"
},
{
"name": "1038711",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1038711"
},
{
"name": "https://www.nomachine.com/SU08O00185",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://www.nomachine.com/SU08O00185"
},
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
},
{
"name": "GLSA-201710-32",
"refsource": "GENTOO",
"tags": [
"Third Party Advisory"
],
"url": "https://security.gentoo.org/glsa/201710-32"
},
{
"name": "DSA-3896",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "http://www.debian.org/security/2017/dsa-3896"
},
{
"name": "https://support.apple.com/HT208221",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://support.apple.com/HT208221"
},
{
"name": "RHSA-2017:3195",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3195"
},
{
"name": "RHSA-2017:3194",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3194"
},
{
"name": "RHSA-2017:3193",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3193"
},
{
"name": "RHSA-2017:3477",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3477"
},
{
"name": "RHSA-2017:3476",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3476"
},
{
"name": "RHSA-2017:3475",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:3475"
},
{
"name": "RHSA-2017:2483",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2483"
},
{
"name": "RHSA-2017:2479",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2479"
},
{
"name": "RHSA-2017:2478",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2017:2478"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180601-0002/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180601-0002/"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03908en_us"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "https://www.tenable.com/security/tns-2019-09",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://www.tenable.com/security/tns-2019-09"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048743 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20190815 svn commit: r1048742 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058586 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20200401 svn commit: r1058587 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [4/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073140 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073139 [10/13] - in /websites/staging/httpd/trunk/content: ./ security/json/",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r04e89e873d54116a0635ef2f7061c15acc5ed27ef7500997beb65d6f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1888194 [10/13] - /httpd/site/trunk/content/security/json/",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/re1e3a24664d35bcd0a0e793e0b5fc6ca6c107f99a1b2c545c5d4b467@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073149 [11/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Vendor Advisory"
],
"url": "https://lists.apache.org/thread.html/r6521a7f62276340eabdb3339b2aa9a38c5f59d978497a1f794af53be@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210606 svn commit: r1075470 [3/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E"
},
{
"name": "[httpd-cvs] 20210330 svn commit: r1073146 [3/3] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities-httpd.xml security/vulnerabilities_22.html security/vulnerabilities_24.html",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/rcc44594d4d6579b90deccd4536b5d31f099ef563df39b094be286b9e@%3Ccvs.httpd.apache.org%3E"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": true,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2021-06-06T11:15Z",
"publishedDate": "2017-06-20T01:29Z"
}
}
}
Loading...