Action not permitted
Modal body text goes here.
cve-2019-1551
Vulnerability from cvelistv5
Published
2019-12-06 17:20
Modified
2024-09-16 19:40
Severity ?
EPSS score ?
Summary
rsaz_512_sqr overflow bug on x86_64
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T18:20:28.285Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20191225 [slackware-security] openssl (SSA:2019-354-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Dec/39" }, { "name": "DSA-4594", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2019/dsa-4594" }, { "name": "20191229 [SECURITY] [DSA 4594-1] openssl1.0 security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "https://seclists.org/bugtraq/2019/Dec/46" }, { "name": "openSUSE-SU-2020:0062", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html" }, { "name": "GLSA-202004-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/202004-10" }, { "name": "FEDORA-2020-fcc91a28e8", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO/" }, { "name": "FEDORA-2020-da2d1ef2d7", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY/" }, { "name": "FEDORA-2020-d7b29838f6", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD/" }, { "name": "USN-4376-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4376-1/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.tenable.com/security/tns-2019-09" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.openssl.org/news/secadv/20191206.txt" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=419102400a2811582a7a3d4a4e317d72e5ce0a8f" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=f1c5eea8a817075d31e43f5876993c6710238c98" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20191210-0001/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.tenable.com/security/tns-2020-03" }, { "name": "USN-4504-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/4504-1/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.tenable.com/security/tns-2020-11" }, { "name": "DSA-4855", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2021/dsa-4855" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.tenable.com/security/tns-2021-10" }, { "name": "[debian-lts-announce] 20220317 [SECURITY] [DLA 2952-1] openssl security update", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "OpenSSL", "vendor": "OpenSSL", "versions": [ { "status": "affected", "version": "Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d)" }, { "status": "affected", "version": "Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t)" } ] } ], "credits": [ { "lang": "en", "value": "OSS-Fuzz and Guido Vranken" } ], "datePublic": "2019-12-06T00:00:00", "descriptions": [ { "lang": "en", "value": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t)." } ], "metrics": [ { "other": { "content": { "lang": "eng", "url": "https://www.openssl.org/policies/secpolicy.html#Low", "value": "Low" }, "type": "unknown" } } ], "problemTypes": [ { "descriptions": [ { "description": "Integer overflow bug", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-03-17T11:06:09", "orgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "shortName": "openssl" }, "references": [ { "name": "20191225 [slackware-security] openssl (SSA:2019-354-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Dec/39" }, { "name": "DSA-4594", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2019/dsa-4594" }, { "name": "20191229 [SECURITY] [DSA 4594-1] openssl1.0 security update", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "https://seclists.org/bugtraq/2019/Dec/46" }, { "name": "openSUSE-SU-2020:0062", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html" }, { "name": "GLSA-202004-10", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/202004-10" }, { "name": "FEDORA-2020-fcc91a28e8", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO/" }, { "name": "FEDORA-2020-da2d1ef2d7", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY/" }, { "name": "FEDORA-2020-d7b29838f6", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD/" }, { "name": "USN-4376-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4376-1/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.tenable.com/security/tns-2019-09" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.openssl.org/news/secadv/20191206.txt" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=419102400a2811582a7a3d4a4e317d72e5ce0a8f" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=f1c5eea8a817075d31e43f5876993c6710238c98" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20191210-0001/" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.tenable.com/security/tns-2020-03" }, { "name": "USN-4504-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/4504-1/" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.tenable.com/security/tns-2020-11" }, { "name": "DSA-4855", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2021/dsa-4855" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.tenable.com/security/tns-2021-10" }, { "name": "[debian-lts-announce] 20220317 [SECURITY] [DLA 2952-1] openssl security update", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html" } ], "title": "rsaz_512_sqr overflow bug on x86_64", "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "openssl-security@openssl.org", "DATE_PUBLIC": "2019-12-06", "ID": "CVE-2019-1551", "STATE": "PUBLIC", "TITLE": "rsaz_512_sqr overflow bug on x86_64" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "OpenSSL", "version": { "version_data": [ { "version_value": "Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d)" }, { "version_value": "Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t)" } ] } } ] }, "vendor_name": "OpenSSL" } ] } }, "credit": [ { "lang": "eng", "value": "OSS-Fuzz and Guido Vranken" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t)." } ] }, "impact": [ { "lang": "eng", "url": "https://www.openssl.org/policies/secpolicy.html#Low", "value": "Low" } ], "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Integer overflow bug" } ] } ] }, "references": { "reference_data": [ { "name": "20191225 [slackware-security] openssl (SSA:2019-354-01)", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Dec/39" }, { "name": "DSA-4594", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4594" }, { "name": "20191229 [SECURITY] [DSA 4594-1] openssl1.0 security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Dec/46" }, { "name": "openSUSE-SU-2020:0062", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html" }, { "name": "GLSA-202004-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202004-10" }, { "name": "FEDORA-2020-fcc91a28e8", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO/" }, { "name": "FEDORA-2020-da2d1ef2d7", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY/" }, { "name": "FEDORA-2020-d7b29838f6", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD/" }, { "name": "USN-4376-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4376-1/" }, { "name": "https://www.oracle.com/security-alerts/cpujul2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "name": "https://www.tenable.com/security/tns-2019-09", "refsource": "CONFIRM", "url": "https://www.tenable.com/security/tns-2019-09" }, { "name": "https://www.openssl.org/news/secadv/20191206.txt", "refsource": "CONFIRM", "url": "https://www.openssl.org/news/secadv/20191206.txt" }, { "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f", "refsource": "CONFIRM", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f" }, { "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98", "refsource": "CONFIRM", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98" }, { "name": "https://security.netapp.com/advisory/ntap-20191210-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20191210-0001/" }, { "name": "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html" }, { "name": "https://www.tenable.com/security/tns-2020-03", "refsource": "CONFIRM", "url": "https://www.tenable.com/security/tns-2020-03" }, { "name": "USN-4504-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4504-1/" }, { "name": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "name": "https://www.tenable.com/security/tns-2020-11", "refsource": "CONFIRM", "url": "https://www.tenable.com/security/tns-2020-11" }, { "name": "DSA-4855", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4855" }, { "name": "https://www.oracle.com/security-alerts/cpuApr2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "name": "https://www.tenable.com/security/tns-2021-10", "refsource": "CONFIRM", "url": "https://www.tenable.com/security/tns-2021-10" }, { "name": "[debian-lts-announce] 20220317 [SECURITY] [DLA 2952-1] openssl security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html" } ] } } } }, "cveMetadata": { "assignerOrgId": "3a12439a-ef3a-4c79-92e6-6081a721f1e5", "assignerShortName": "openssl", "cveId": "CVE-2019-1551", "datePublished": "2019-12-06T17:20:14.842234Z", "dateReserved": "2018-11-28T00:00:00", "dateUpdated": "2024-09-16T19:40:14.240Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2019-1551\",\"sourceIdentifier\":\"openssl-security@openssl.org\",\"published\":\"2019-12-06T18:15:12.840\",\"lastModified\":\"2023-11-07T03:08:28.980\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).\"},{\"lang\":\"es\",\"value\":\"Hay un error de desbordamiento en el procedimiento de cuadratura Montgomery x64_64 utilizado en exponenciaci\u00f3n con m\u00f3dulos de 512 bits. No hay algoritmos EC afectados. El an\u00e1lisis sugiere que los ataques contra 2-prime RSA1024, 3-prime RSA1536 y DSA1024 como resultado de este defecto ser\u00edan muy dif\u00edciles de realizar y no se cree probable. Los ataques contra DH512 se consideran simplemente factibles. Sin embargo, para un ataque, el objetivo tendr\u00eda que reutilizar la clave privada DH512, que de todos modos no se recomienda. Tambi\u00e9n las aplicaciones que usan directamente la API de bajo nivel BN_mod_exp pueden verse afectadas si usan BN_FLG_CONSTTIME. Corregido en OpenSSL 1.1.1e (afectado 1.1.1-1.1.1d). Corregido en OpenSSL 1.0.2u (afectado 1.0.2-1.0.2t).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:N/A:N\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.0.2\",\"versionEndIncluding\":\"1.0.2t\",\"matchCriteriaId\":\"CB593B7C-3D0B-4A2B-BB53-DB2708983D6A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.1.1\",\"versionEndIncluding\":\"1.1.1d\",\"matchCriteriaId\":\"2D3BF86F-708B-49E5-B8A3-C56C977D3232\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B095CC03-7077-4A58-AB25-CC5380CDCE5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.0.12\",\"matchCriteriaId\":\"9A3BBE71-CA00-4F54-9210-FC7572C87CFB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"8.0.0\",\"versionEndIncluding\":\"8.0.20\",\"matchCriteriaId\":\"73573516-EDA0-4176-A3ED-2F7006C87F8E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D0A735B4-4F3C-416B-8C08-9CB21BAD2889\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E1E416B-920B-49A0-9523-382898C2979D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D9DB4A14-2EF5-4B54-95D2-75E6CF9AA0A9\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A31C8344-3E02-4EB8-8BD8-4C84B7959624\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"97A4B8DF-58DA-4AB6-A1F9-331B36409BA3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F0FA5D-8D3B-4C0E-81E2-87998286AF33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36D96259-24BD-44E2-96D9-78CE1D41F956\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.0.9\",\"matchCriteriaId\":\"4ACF85D6-6B45-43DA-9C01-F0208186F014\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=419102400a2811582a7a3d4a4e317d72e5ce0a8f\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=f1c5eea8a817075d31e43f5876993c6710238c98\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY/\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD/\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO/\",\"source\":\"openssl-security@openssl.org\"},{\"url\":\"https://seclists.org/bugtraq/2019/Dec/39\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/Dec/46\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202004-10\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20191210-0001/\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4376-1/\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4504-1/\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4594\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2021/dsa-4855\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.openssl.org/news/secadv/20191206.txt\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuApr2021.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2021.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujul2020.html\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2019-09\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2020-03\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2020-11\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.tenable.com/security/tns-2021-10\",\"source\":\"openssl-security@openssl.org\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
wid-sec-w-2023-1761
Vulnerability from csaf_certbund
Published
2019-12-08 23:00
Modified
2024-06-04 22:00
Summary
OpenSSL: Schwachstelle ermöglicht Umgehen von Sicherheitsvorkehrungen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
OpenSSL ist eine im Quelltext frei verfügbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.
Angriff
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in OpenSSL ausnutzen, um Sicherheitsvorkehrungen zu umgehen.
Betroffene Betriebssysteme
- Linux
- UNIX
- Windows
{ "document": { "aggregate_severity": { "text": "mittel" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "OpenSSL ist eine im Quelltext frei verf\u00fcgbare Bibliothek, die Secure Sockets Layer (SSL) und Transport Layer Security (TLS) implementiert.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in OpenSSL ausnutzen, um Sicherheitsvorkehrungen zu umgehen.", "title": "Angriff" }, { "category": "general", "text": "- Linux\n- UNIX\n- Windows", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2023-1761 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2019/wid-sec-w-2023-1761.json" }, { "category": "self", "summary": "WID-SEC-2023-1761 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1761" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2020:0069-1 vom 2020-01-10", "url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200069-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2020:0064-1 vom 2020-01-10", "url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200064-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2020:0028-1 vom 2020-01-07", "url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200028-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2020:0099-1 vom 2020-01-15", "url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200099-1.html" }, { "category": "external", "summary": "OpenSSL Security Advisory vom 2019-12-08", "url": "http://www.openssl.org/news/secadv/20191206.txt" }, { "category": "external", "summary": "Debian Security Advisory DSA-4594 vom 2019-12-28", "url": "https://www.debian.org/security/2019/dsa-4594" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2020:0002-1 vom 2020-01-02", "url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200002-1.html" }, { "category": "external", "summary": "SUSE Security Update SUSE-SU-2020:0474-1 vom 2020-02-25", "url": "https://www.suse.com/support/update/announcement/2020/suse-su-20200474-1.html" }, { "category": "external", "summary": "A10 Security Advisory", "url": "https://support.a10networks.com/support/security_advisory/ssl-cve-2019-1551/" }, { "category": "external", "summary": "Tenable Security Advisory", "url": "https://de.tenable.com/security/tns-2020-03" }, { "category": "external", "summary": "Ubuntu Security Notice USN-4376-1 vom 2020-05-28", "url": "https://usn.ubuntu.com/4376-1/" }, { "category": "external", "summary": "Juniper Security Advisory JSA11025 vom 2020-07-08", "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA11025" }, { "category": "external", "summary": "Ubuntu Security Notice USN-4376-2 vom 2020-07-09", "url": "https://usn.ubuntu.com/4376-2/" }, { "category": "external", "summary": "EMC Security Advisory DSA-2020-179 vom 2020-07-14", "url": "https://www.dell.com/support/security/de-de/details/545120/DSA-2020-179-Dell-EMC-Data-Domain-Security-Update-for-OpenSSL-Vulnerabilities" }, { "category": "external", "summary": "Sophos UTM Up2Date", "url": "https://community.sophos.com/products/unified-threat-management/b/blog/posts/utm-up2date-9-704-released" }, { "category": "external", "summary": "Ubuntu Security Notice USN-4504-1 vom 2020-09-16", "url": "https://usn.ubuntu.com/4504-1/" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2020:4383 vom 2020-10-28", "url": "https://access.redhat.com/errata/RHSA-2020:4383" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2020:4384 vom 2020-10-28", "url": "https://access.redhat.com/errata/RHSA-2020:4384" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2020:4514 vom 2020-11-04", "url": "https://access.redhat.com/errata/RHSA-2020:4514" }, { "category": "external", "summary": "Red Hat Security Advisory RHSA-2020:5149 vom 2020-11-18", "url": "https://access.redhat.com/errata/RHSA-2020:5149" }, { "category": "external", "summary": "AVAYA Security Advisory ASA-2020-156 vom 2020-12-08", "url": "https://downloads.avaya.com/css/P8/documents/101072826" }, { "category": "external", "summary": "Debian Security Advisory DSA-4855 vom 2021-02-18", "url": "https://www.debian.org/security/2021/dsa-4855" }, { "category": "external", "summary": "Amazon Linux Security Advisory ALAS-2021-1687 vom 2021-07-16", "url": "https://alas.aws.amazon.com/AL2/ALAS-2021-1687.html" }, { "category": "external", "summary": "Debian Security Advisory DLA-2952 vom 2022-03-17", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html" }, { "category": "external", "summary": "Dell Knowledge Base Article", "url": "https://www.dell.com/support/kbdoc/en-us/000221474/dsa-2024-059-security-update-for-dell-networker-multiple-components-vulnerabilities" }, { "category": "external", "summary": "Hitachi Vulnerability Information HITACHI-SEC-2023-126 vom 2023-07-18", "url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-126/index.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-32790 vom 2023-12-07", "url": "https://linux.oracle.com/errata/ELSA-2023-32790.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-13025 vom 2023-12-07", "url": "https://linux.oracle.com/errata/ELSA-2023-13025.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-13026 vom 2023-12-07", "url": "https://linux.oracle.com/errata/ELSA-2023-13026.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-13024 vom 2023-12-07", "url": "https://linux.oracle.com/errata/ELSA-2023-13024.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-13027 vom 2023-12-07", "url": "https://linux.oracle.com/errata/ELSA-2023-13027.html" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2023-32791 vom 2023-12-07", "url": "https://linux.oracle.com/errata/ELSA-2023-32791.html" }, { "category": "external", "summary": "IBM Security Bulletin 7145367 vom 2024-03-27", "url": "https://www.ibm.com/support/pages/node/7145367" }, { "category": "external", "summary": "Oracle Linux Security Advisory ELSA-2024-12408 vom 2024-06-05", "url": "https://linux.oracle.com/errata/ELSA-2024-12408.html" } ], "source_lang": "en-US", "title": "OpenSSL: Schwachstelle erm\u00f6glicht Umgehen von Sicherheitsvorkehrungen", "tracking": { "current_release_date": "2024-06-04T22:00:00.000+00:00", "generator": { "date": "2024-06-05T08:09:17.127+00:00", "engine": { "name": "BSI-WID", "version": "1.3.0" } }, "id": "WID-SEC-W-2023-1761", "initial_release_date": "2019-12-08T23:00:00.000+00:00", "revision_history": [ { "date": "2019-12-08T23:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" }, { "date": "2019-12-29T23:00:00.000+00:00", "number": "2", "summary": "Neue Updates von Debian aufgenommen" }, { "date": "2020-01-02T23:00:00.000+00:00", "number": "3", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2020-01-07T23:00:00.000+00:00", "number": "4", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2020-01-12T23:00:00.000+00:00", "number": "5", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2020-01-14T23:00:00.000+00:00", "number": "6", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2020-02-25T23:00:00.000+00:00", "number": "7", "summary": "Neue Updates von SUSE aufgenommen" }, { "date": "2020-03-05T23:00:00.000+00:00", "number": "8", "summary": "Neue Updates aufgenommen" }, { "date": "2020-04-28T22:00:00.000+00:00", "number": "9", "summary": "Neue Updates von Tenable aufgenommen" }, { "date": "2020-05-28T22:00:00.000+00:00", "number": "10", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2020-07-08T22:00:00.000+00:00", "number": "11", "summary": "Neue Updates von Juniper aufgenommen" }, { "date": "2020-07-09T22:00:00.000+00:00", "number": "12", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2020-07-13T22:00:00.000+00:00", "number": "13", "summary": "Neue Updates von EMC aufgenommen" }, { "date": "2020-08-05T22:00:00.000+00:00", "number": "14", "summary": "Neue Updates aufgenommen" }, { "date": "2020-09-16T22:00:00.000+00:00", "number": "15", "summary": "Neue Updates von Ubuntu aufgenommen" }, { "date": "2020-10-28T23:00:00.000+00:00", "number": "16", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2020-11-03T23:00:00.000+00:00", "number": "17", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2020-11-18T23:00:00.000+00:00", "number": "18", "summary": "Neue Updates von Red Hat aufgenommen" }, { "date": "2020-12-09T23:00:00.000+00:00", "number": "19", "summary": "Neue Updates von AVAYA aufgenommen" }, { "date": "2021-02-18T23:00:00.000+00:00", "number": "20", "summary": "Neue Updates von Debian aufgenommen" }, { "date": "2021-07-18T22:00:00.000+00:00", "number": "21", "summary": "Neue Updates von Amazon aufgenommen" }, { "date": "2022-03-17T23:00:00.000+00:00", "number": "22", "summary": "Neue Updates von Debian aufgenommen" }, { "date": "2023-07-17T22:00:00.000+00:00", "number": "23", "summary": "Neue Updates von HITACHI aufgenommen" }, { "date": "2023-07-18T22:00:00.000+00:00", "number": "24", "summary": "Hitachi Produkte erg\u00e4nzt." }, { "date": "2023-12-07T23:00:00.000+00:00", "number": "25", "summary": "Neue Updates von Oracle Linux aufgenommen" }, { "date": "2024-01-25T23:00:00.000+00:00", "number": "26", "summary": "Neue Updates von Dell aufgenommen" }, { "date": "2024-03-27T23:00:00.000+00:00", "number": "27", "summary": "Neue Updates von IBM aufgenommen" }, { "date": "2024-06-04T22:00:00.000+00:00", "number": "28", "summary": "Neue Updates von Oracle Linux aufgenommen" } ], "status": "final", "version": "28" } }, "product_tree": { "branches": [ { "branches": [ { "category": "product_name", "name": "Amazon Linux 2", "product": { "name": "Amazon Linux 2", "product_id": "398363", "product_identification_helper": { "cpe": "cpe:/o:amazon:linux_2:-" } } } ], "category": "vendor", "name": "Amazon" }, { "branches": [ { "category": "product_name", "name": "Avaya Aura Experience Portal", "product": { "name": "Avaya Aura Experience Portal", "product_id": "T015519", "product_identification_helper": { "cpe": "cpe:/a:avaya:aura_experience_portal:-" } } } ], "category": "vendor", "name": "Avaya" }, { "branches": [ { "category": "product_name", "name": "Debian Linux", "product": { "name": "Debian Linux", "product_id": "2951", "product_identification_helper": { "cpe": "cpe:/o:debian:debian_linux:-" } } } ], "category": "vendor", "name": "Debian" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c19.10", "product": { "name": "Dell NetWorker \u003c19.10", "product_id": "T032354", "product_identification_helper": { "cpe": "cpe:/a:dell:networker:19.10" } } } ], "category": "product_name", "name": "NetWorker" } ], "category": "vendor", "name": "Dell" }, { "branches": [ { "category": "product_name", "name": "Hitachi Command Suite", "product": { "name": "Hitachi Command Suite", "product_id": "T010951", "product_identification_helper": { "cpe": "cpe:/a:hitachi:command_suite:-" } } }, { "category": "product_name", "name": "Hitachi Configuration Manager", "product": { "name": "Hitachi Configuration Manager", "product_id": "T020304", "product_identification_helper": { "cpe": "cpe:/a:hitachi:configuration_manager:-" } } }, { "category": "product_name", "name": "Hitachi Ops Center", "product": { "name": "Hitachi Ops Center", "product_id": "T017562", "product_identification_helper": { "cpe": "cpe:/a:hitachi:ops_center:-" } } } ], "category": "vendor", "name": "Hitachi" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c7.5.0 UP8", "product": { "name": "IBM QRadar SIEM \u003c7.5.0 UP8", "product_id": "T033681", "product_identification_helper": { "cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up8" } } } ], "category": "product_name", "name": "QRadar SIEM" } ], "category": "vendor", "name": "IBM" }, { "branches": [ { "branches": [ { "category": "product_version_range", "name": "\u003c20.1R1", "product": { "name": "Juniper Junos Space \u003c20.1R1", "product_id": "T016874", "product_identification_helper": { "cpe": "cpe:/a:juniper:junos_space:20.1r1" } } } ], "category": "product_name", "name": "Junos Space" } ], "category": "vendor", "name": "Juniper" }, { "branches": [ { "branches": [ { "category": "product_version", "name": "1.0.2", "product": { "name": "Open Source OpenSSL 1.0.2", "product_id": "228243", "product_identification_helper": { "cpe": "cpe:/a:openssl:openssl:1.0.2" } } }, { "category": "product_version", "name": "1.1.1", "product": { "name": "Open Source OpenSSL 1.1.1", "product_id": "402226", "product_identification_helper": { "cpe": "cpe:/a:openssl:openssl:1.1.1" } } } ], "category": "product_name", "name": "OpenSSL" } ], "category": "vendor", "name": "Open Source" }, { "branches": [ { "category": "product_name", "name": "Oracle Linux", "product": { "name": "Oracle Linux", "product_id": "T004914", "product_identification_helper": { "cpe": "cpe:/o:oracle:linux:-" } } } ], "category": "vendor", "name": "Oracle" }, { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux", "product": { "name": "Red Hat Enterprise Linux", "product_id": "67646", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:-" } } } ], "category": "vendor", "name": "Red Hat" }, { "branches": [ { "category": "product_name", "name": "SUSE Linux", "product": { "name": "SUSE Linux", "product_id": "T002207", "product_identification_helper": { "cpe": "cpe:/o:suse:suse_linux:-" } } } ], "category": "vendor", "name": "SUSE" }, { "branches": [ { "category": "product_name", "name": "Tenable Security Nessus", "product": { "name": "Tenable Security Nessus", "product_id": "T016399", "product_identification_helper": { "cpe": "cpe:/a:tenable:nessus:-" } } } ], "category": "vendor", "name": "Tenable Security" }, { "branches": [ { "category": "product_name", "name": "Ubuntu Linux", "product": { "name": "Ubuntu Linux", "product_id": "T000126", "product_identification_helper": { "cpe": "cpe:/o:canonical:ubuntu_linux:-" } } } ], "category": "vendor", "name": "Ubuntu" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-1551", "notes": [ { "category": "description", "text": "Es existiert eine Schwachstelle in OpenSSL, welche auf einen Overflow bei der \"x64_64 Montgomery\" Berechnung zur\u00fcckzuf\u00fchren ist. Ein Angreifer kann diese Schwachstelle ausnutzen, um einen Angriff gegen verschiedene kryptographische Funktionen durchzuf\u00fchren. Ein solcher Angriff wird von den Herstellern jedoch als sehr schwer umsetzbar eingesch\u00e4tzt, weswegen von keiner Ausnutzung ausgegangen wird. Zur erfolgreichen Ausnutzung dieser Schwachstelle ist eine Benutzerinteraktion erforderlich." } ], "product_status": { "known_affected": [ "T015519", "67646", "T010951", "T033681", "T004914", "T016399", "T032354", "T017562", "2951", "T002207", "228243", "T000126", "T020304", "402226", "398363" ] }, "release_date": "2019-12-08T23:00:00Z", "title": "CVE-2019-1551" } ] }
rhsa-2020_4514
Vulnerability from csaf_redhat
Published
2020-11-04 02:16
Modified
2024-11-05 22:54
Summary
Red Hat Security Advisory: openssl security, bug fix, and enhancement update
Notes
Topic
An update for openssl is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.
The following packages have been upgraded to a later upstream version: openssl (1.1.1g). (BZ#1817593)
Security Fix(es):
* openssl: Integer overflow in RSAZ modular exponentiation on x86_64 (CVE-2019-1551)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Low" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for openssl is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, as well as a full-strength general-purpose cryptography library.\n\nThe following packages have been upgraded to a later upstream version: openssl (1.1.1g). (BZ#1817593)\n\nSecurity Fix(es):\n\n* openssl: Integer overflow in RSAZ modular exponentiation on x86_64 (CVE-2019-1551)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:4514", "url": "https://access.redhat.com/errata/RHSA-2020:4514" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#low", "url": "https://access.redhat.com/security/updates/classification/#low" }, { "category": "external", "summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/", "url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/" }, { "category": "external", "summary": "1780995", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1780995" }, { "category": "external", "summary": "1844607", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1844607" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4514.json" } ], "title": "Red Hat Security Advisory: openssl security, bug fix, and enhancement update", "tracking": { "current_release_date": "2024-11-05T22:54:37+00:00", "generator": { "date": "2024-11-05T22:54:37+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2020:4514", "initial_release_date": "2020-11-04T02:16:25+00:00", "revision_history": [ { "date": "2020-11-04T02:16:25+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-11-04T02:16:25+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T22:54:37+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux BaseOS (v. 8)", "product": { "name": "Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA", "product_identification_helper": { "cpe": "cpe:/o:redhat:enterprise_linux:8::baseos" } } } ], "category": "product_family", "name": "Red Hat Enterprise Linux" }, { "branches": [ { "category": "product_version", "name": "openssl-1:1.1.1g-11.el8.ppc64le", "product": { "name": "openssl-1:1.1.1g-11.el8.ppc64le", "product_id": "openssl-1:1.1.1g-11.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl@1.1.1g-11.el8?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-devel-1:1.1.1g-11.el8.ppc64le", "product": { "name": "openssl-devel-1:1.1.1g-11.el8.ppc64le", "product_id": "openssl-devel-1:1.1.1g-11.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-devel@1.1.1g-11.el8?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-1:1.1.1g-11.el8.ppc64le", "product": { "name": "openssl-libs-1:1.1.1g-11.el8.ppc64le", "product_id": "openssl-libs-1:1.1.1g-11.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-libs@1.1.1g-11.el8?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-perl-1:1.1.1g-11.el8.ppc64le", "product": { "name": "openssl-perl-1:1.1.1g-11.el8.ppc64le", "product_id": "openssl-perl-1:1.1.1g-11.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-perl@1.1.1g-11.el8?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-debugsource-1:1.1.1g-11.el8.ppc64le", "product": { "name": "openssl-debugsource-1:1.1.1g-11.el8.ppc64le", "product_id": "openssl-debugsource-1:1.1.1g-11.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debugsource@1.1.1g-11.el8?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-debuginfo-1:1.1.1g-11.el8.ppc64le", "product": { "name": "openssl-debuginfo-1:1.1.1g-11.el8.ppc64le", "product_id": "openssl-debuginfo-1:1.1.1g-11.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debuginfo@1.1.1g-11.el8?arch=ppc64le\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-debuginfo-1:1.1.1g-11.el8.ppc64le", "product": { "name": "openssl-libs-debuginfo-1:1.1.1g-11.el8.ppc64le", "product_id": "openssl-libs-debuginfo-1:1.1.1g-11.el8.ppc64le", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@1.1.1g-11.el8?arch=ppc64le\u0026epoch=1" } } } ], "category": "architecture", "name": "ppc64le" }, { "branches": [ { "category": "product_version", "name": "openssl-1:1.1.1g-11.el8.s390x", "product": { "name": "openssl-1:1.1.1g-11.el8.s390x", "product_id": "openssl-1:1.1.1g-11.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl@1.1.1g-11.el8?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-devel-1:1.1.1g-11.el8.s390x", "product": { "name": "openssl-devel-1:1.1.1g-11.el8.s390x", "product_id": "openssl-devel-1:1.1.1g-11.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-devel@1.1.1g-11.el8?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-1:1.1.1g-11.el8.s390x", "product": { "name": "openssl-libs-1:1.1.1g-11.el8.s390x", "product_id": "openssl-libs-1:1.1.1g-11.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-libs@1.1.1g-11.el8?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-perl-1:1.1.1g-11.el8.s390x", "product": { "name": "openssl-perl-1:1.1.1g-11.el8.s390x", "product_id": "openssl-perl-1:1.1.1g-11.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-perl@1.1.1g-11.el8?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-debugsource-1:1.1.1g-11.el8.s390x", "product": { "name": "openssl-debugsource-1:1.1.1g-11.el8.s390x", "product_id": "openssl-debugsource-1:1.1.1g-11.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debugsource@1.1.1g-11.el8?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-debuginfo-1:1.1.1g-11.el8.s390x", "product": { "name": "openssl-debuginfo-1:1.1.1g-11.el8.s390x", "product_id": "openssl-debuginfo-1:1.1.1g-11.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debuginfo@1.1.1g-11.el8?arch=s390x\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-debuginfo-1:1.1.1g-11.el8.s390x", "product": { "name": "openssl-libs-debuginfo-1:1.1.1g-11.el8.s390x", "product_id": "openssl-libs-debuginfo-1:1.1.1g-11.el8.s390x", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@1.1.1g-11.el8?arch=s390x\u0026epoch=1" } } } ], "category": "architecture", "name": "s390x" }, { "branches": [ { "category": "product_version", "name": "openssl-1:1.1.1g-11.el8.x86_64", "product": { "name": "openssl-1:1.1.1g-11.el8.x86_64", "product_id": "openssl-1:1.1.1g-11.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl@1.1.1g-11.el8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-devel-1:1.1.1g-11.el8.x86_64", "product": { "name": "openssl-devel-1:1.1.1g-11.el8.x86_64", "product_id": "openssl-devel-1:1.1.1g-11.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-devel@1.1.1g-11.el8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-1:1.1.1g-11.el8.x86_64", "product": { "name": "openssl-libs-1:1.1.1g-11.el8.x86_64", "product_id": "openssl-libs-1:1.1.1g-11.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-libs@1.1.1g-11.el8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-perl-1:1.1.1g-11.el8.x86_64", "product": { "name": "openssl-perl-1:1.1.1g-11.el8.x86_64", "product_id": "openssl-perl-1:1.1.1g-11.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-perl@1.1.1g-11.el8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-debugsource-1:1.1.1g-11.el8.x86_64", "product": { "name": "openssl-debugsource-1:1.1.1g-11.el8.x86_64", "product_id": "openssl-debugsource-1:1.1.1g-11.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debugsource@1.1.1g-11.el8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-debuginfo-1:1.1.1g-11.el8.x86_64", "product": { "name": "openssl-debuginfo-1:1.1.1g-11.el8.x86_64", "product_id": "openssl-debuginfo-1:1.1.1g-11.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debuginfo@1.1.1g-11.el8?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-debuginfo-1:1.1.1g-11.el8.x86_64", "product": { "name": "openssl-libs-debuginfo-1:1.1.1g-11.el8.x86_64", "product_id": "openssl-libs-debuginfo-1:1.1.1g-11.el8.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@1.1.1g-11.el8?arch=x86_64\u0026epoch=1" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "openssl-devel-1:1.1.1g-11.el8.i686", "product": { "name": "openssl-devel-1:1.1.1g-11.el8.i686", "product_id": "openssl-devel-1:1.1.1g-11.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-devel@1.1.1g-11.el8?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-1:1.1.1g-11.el8.i686", "product": { "name": "openssl-libs-1:1.1.1g-11.el8.i686", "product_id": "openssl-libs-1:1.1.1g-11.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-libs@1.1.1g-11.el8?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-debugsource-1:1.1.1g-11.el8.i686", "product": { "name": "openssl-debugsource-1:1.1.1g-11.el8.i686", "product_id": "openssl-debugsource-1:1.1.1g-11.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debugsource@1.1.1g-11.el8?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-debuginfo-1:1.1.1g-11.el8.i686", "product": { "name": "openssl-debuginfo-1:1.1.1g-11.el8.i686", "product_id": "openssl-debuginfo-1:1.1.1g-11.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debuginfo@1.1.1g-11.el8?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-debuginfo-1:1.1.1g-11.el8.i686", "product": { "name": "openssl-libs-debuginfo-1:1.1.1g-11.el8.i686", "product_id": "openssl-libs-debuginfo-1:1.1.1g-11.el8.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@1.1.1g-11.el8?arch=i686\u0026epoch=1" } } } ], "category": "architecture", "name": "i686" }, { "branches": [ { "category": "product_version", "name": "openssl-1:1.1.1g-11.el8.aarch64", "product": { "name": "openssl-1:1.1.1g-11.el8.aarch64", "product_id": "openssl-1:1.1.1g-11.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl@1.1.1g-11.el8?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-devel-1:1.1.1g-11.el8.aarch64", "product": { "name": "openssl-devel-1:1.1.1g-11.el8.aarch64", "product_id": "openssl-devel-1:1.1.1g-11.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-devel@1.1.1g-11.el8?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-1:1.1.1g-11.el8.aarch64", "product": { "name": "openssl-libs-1:1.1.1g-11.el8.aarch64", "product_id": "openssl-libs-1:1.1.1g-11.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-libs@1.1.1g-11.el8?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-perl-1:1.1.1g-11.el8.aarch64", "product": { "name": "openssl-perl-1:1.1.1g-11.el8.aarch64", "product_id": "openssl-perl-1:1.1.1g-11.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-perl@1.1.1g-11.el8?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-debugsource-1:1.1.1g-11.el8.aarch64", "product": { "name": "openssl-debugsource-1:1.1.1g-11.el8.aarch64", "product_id": "openssl-debugsource-1:1.1.1g-11.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debugsource@1.1.1g-11.el8?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-debuginfo-1:1.1.1g-11.el8.aarch64", "product": { "name": "openssl-debuginfo-1:1.1.1g-11.el8.aarch64", "product_id": "openssl-debuginfo-1:1.1.1g-11.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-debuginfo@1.1.1g-11.el8?arch=aarch64\u0026epoch=1" } } }, { "category": "product_version", "name": "openssl-libs-debuginfo-1:1.1.1g-11.el8.aarch64", "product": { "name": "openssl-libs-debuginfo-1:1.1.1g-11.el8.aarch64", "product_id": "openssl-libs-debuginfo-1:1.1.1g-11.el8.aarch64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl-libs-debuginfo@1.1.1g-11.el8?arch=aarch64\u0026epoch=1" } } } ], "category": "architecture", "name": "aarch64" }, { "branches": [ { "category": "product_version", "name": "openssl-1:1.1.1g-11.el8.src", "product": { "name": "openssl-1:1.1.1g-11.el8.src", "product_id": "openssl-1:1.1.1g-11.el8.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openssl@1.1.1g-11.el8?arch=src\u0026epoch=1" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openssl-1:1.1.1g-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.aarch64" }, "product_reference": "openssl-1:1.1.1g-11.el8.aarch64", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-1:1.1.1g-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.ppc64le" }, "product_reference": "openssl-1:1.1.1g-11.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-1:1.1.1g-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.s390x" }, "product_reference": "openssl-1:1.1.1g-11.el8.s390x", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-1:1.1.1g-11.el8.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.src" }, "product_reference": "openssl-1:1.1.1g-11.el8.src", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-1:1.1.1g-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.x86_64" }, "product_reference": "openssl-1:1.1.1g-11.el8.x86_64", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-1:1.1.1g-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.aarch64" }, "product_reference": "openssl-debuginfo-1:1.1.1g-11.el8.aarch64", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-1:1.1.1g-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.i686" }, "product_reference": "openssl-debuginfo-1:1.1.1g-11.el8.i686", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-1:1.1.1g-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.ppc64le" }, "product_reference": "openssl-debuginfo-1:1.1.1g-11.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-1:1.1.1g-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.s390x" }, "product_reference": "openssl-debuginfo-1:1.1.1g-11.el8.s390x", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debuginfo-1:1.1.1g-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.x86_64" }, "product_reference": "openssl-debuginfo-1:1.1.1g-11.el8.x86_64", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debugsource-1:1.1.1g-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.aarch64" }, "product_reference": "openssl-debugsource-1:1.1.1g-11.el8.aarch64", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debugsource-1:1.1.1g-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.i686" }, "product_reference": "openssl-debugsource-1:1.1.1g-11.el8.i686", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debugsource-1:1.1.1g-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.ppc64le" }, "product_reference": "openssl-debugsource-1:1.1.1g-11.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debugsource-1:1.1.1g-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.s390x" }, "product_reference": "openssl-debugsource-1:1.1.1g-11.el8.s390x", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-debugsource-1:1.1.1g-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.x86_64" }, "product_reference": "openssl-debugsource-1:1.1.1g-11.el8.x86_64", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-1:1.1.1g-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.aarch64" }, "product_reference": "openssl-devel-1:1.1.1g-11.el8.aarch64", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-1:1.1.1g-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.i686" }, "product_reference": "openssl-devel-1:1.1.1g-11.el8.i686", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-1:1.1.1g-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.ppc64le" }, "product_reference": "openssl-devel-1:1.1.1g-11.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-1:1.1.1g-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.s390x" }, "product_reference": "openssl-devel-1:1.1.1g-11.el8.s390x", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-devel-1:1.1.1g-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.x86_64" }, "product_reference": "openssl-devel-1:1.1.1g-11.el8.x86_64", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-1:1.1.1g-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.aarch64" }, "product_reference": "openssl-libs-1:1.1.1g-11.el8.aarch64", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-1:1.1.1g-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.i686" }, "product_reference": "openssl-libs-1:1.1.1g-11.el8.i686", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-1:1.1.1g-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.ppc64le" }, "product_reference": "openssl-libs-1:1.1.1g-11.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-1:1.1.1g-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.s390x" }, "product_reference": "openssl-libs-1:1.1.1g-11.el8.s390x", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-1:1.1.1g-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.x86_64" }, "product_reference": "openssl-libs-1:1.1.1g-11.el8.x86_64", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-debuginfo-1:1.1.1g-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.aarch64" }, "product_reference": "openssl-libs-debuginfo-1:1.1.1g-11.el8.aarch64", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-debuginfo-1:1.1.1g-11.el8.i686 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.i686" }, "product_reference": "openssl-libs-debuginfo-1:1.1.1g-11.el8.i686", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-debuginfo-1:1.1.1g-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.ppc64le" }, "product_reference": "openssl-libs-debuginfo-1:1.1.1g-11.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-debuginfo-1:1.1.1g-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.s390x" }, "product_reference": "openssl-libs-debuginfo-1:1.1.1g-11.el8.s390x", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-libs-debuginfo-1:1.1.1g-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.x86_64" }, "product_reference": "openssl-libs-debuginfo-1:1.1.1g-11.el8.x86_64", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-1:1.1.1g-11.el8.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-perl-1:1.1.1g-11.el8.aarch64" }, "product_reference": "openssl-perl-1:1.1.1g-11.el8.aarch64", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-1:1.1.1g-11.el8.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-perl-1:1.1.1g-11.el8.ppc64le" }, "product_reference": "openssl-perl-1:1.1.1g-11.el8.ppc64le", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-1:1.1.1g-11.el8.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-perl-1:1.1.1g-11.el8.s390x" }, "product_reference": "openssl-perl-1:1.1.1g-11.el8.s390x", "relates_to_product_reference": "BaseOS-8.3.0.GA" }, { "category": "default_component_of", "full_product_name": { "name": "openssl-perl-1:1.1.1g-11.el8.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)", "product_id": "BaseOS-8.3.0.GA:openssl-perl-1:1.1.1g-11.el8.x86_64" }, "product_reference": "openssl-perl-1:1.1.1g-11.el8.x86_64", "relates_to_product_reference": "BaseOS-8.3.0.GA" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-1551", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2019-12-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1780995" } ], "notes": [ { "category": "description", "text": "An integer overflow was found in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. As per upstream:\r\n\r\n* No EC algorithms are affected. \r\n\r\n* Attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. \r\n\r\n* Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway.\r\n\r\n* Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME", "title": "Vulnerability description" }, { "category": "summary", "text": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", "title": "Vulnerability summary" }, { "category": "other", "text": "Accelerated modular exponentiation for Intel processors (RSAZ) was introduced in openssl-1.0.2, therefore older versions of OpenSSL are not affected by this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.src", "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.i686", "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.i686", "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.i686", "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.i686", "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.i686", "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-perl-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-perl-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-perl-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-perl-1:1.1.1g-11.el8.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-1551" }, { "category": "external", "summary": "RHBZ#1780995", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1780995" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-1551", "url": "https://www.cve.org/CVERecord?id=CVE-2019-1551" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-1551", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1551" }, { "category": "external", "summary": "https://github.com/openssl/openssl/pull/10575", "url": "https://github.com/openssl/openssl/pull/10575" }, { "category": "external", "summary": "https://www.openssl.org/news/secadv/20191206.txt", "url": "https://www.openssl.org/news/secadv/20191206.txt" } ], "release_date": "2019-12-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-11-04T02:16:25+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor the update to take effect, all services linked to the OpenSSL library must be restarted, or the system rebooted.", "product_ids": [ "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.src", "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.i686", "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.i686", "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.i686", "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.i686", "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.i686", "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-perl-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-perl-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-perl-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-perl-1:1.1.1g-11.el8.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4514" }, { "category": "workaround", "details": "For Red Hat Enterprise Linux 7, 512 bit DH is already disabled. As this bug is about leakage of the private key to the attacker, it should be fully sufficient to just not use 1024 bit RSA keys or 1024 bit DSA keys. These keys are not secure enough anyway. 3-prime RSA keys are not supported on RHEL-7.\n\nFor Red Hat Enterprise 8, The DEFAULT crypto policy already disables all these key sizes.\n\nAlso applications compiled with openssl which use the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME, other users of this API are not affected by this flaw.", "product_ids": [ "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.src", "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.i686", "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.i686", "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.i686", "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.i686", "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.i686", "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-perl-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-perl-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-perl-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-perl-1:1.1.1g-11.el8.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.src", "BaseOS-8.3.0.GA:openssl-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.i686", "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-debuginfo-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.i686", "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-debugsource-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.i686", "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-devel-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.i686", "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-libs-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.i686", "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-libs-debuginfo-1:1.1.1g-11.el8.x86_64", "BaseOS-8.3.0.GA:openssl-perl-1:1.1.1g-11.el8.aarch64", "BaseOS-8.3.0.GA:openssl-perl-1:1.1.1g-11.el8.ppc64le", "BaseOS-8.3.0.GA:openssl-perl-1:1.1.1g-11.el8.s390x", "BaseOS-8.3.0.GA:openssl-perl-1:1.1.1g-11.el8.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64" } ] }
rhsa-2020_4384
Vulnerability from csaf_redhat
Published
2020-10-28 16:02
Modified
2024-11-05 22:53
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP5 security update
Notes
Topic
Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
This release adds the new Apache HTTP Server 2.4.37 Service Pack 5 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 3 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.
Security fix(es):
* curl: Integer overflows in curl_url_set() function (CVE-2019-5435)
* openssl: Integer overflow in RSAZ modular exponentiation on x86_64 (CVE-2019-1551)
* httpd: mod_http2 concurrent pool usage (CVE-2020-11993)
* httpd: mod_proxy_uswgi buffer overflow (CVE-2020-11984)
* httpd: allow connecting via SSL to a backend worker when the backend keystore file's ID is 'unknown' (CVE-2020-25680)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "This release adds the new Apache HTTP Server 2.4.37 Service Pack 5 packages that are part of the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 3 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity fix(es):\n\n* curl: Integer overflows in curl_url_set() function (CVE-2019-5435)\n* openssl: Integer overflow in RSAZ modular exponentiation on x86_64 (CVE-2019-1551)\n* httpd: mod_http2 concurrent pool usage (CVE-2020-11993)\n* httpd: mod_proxy_uswgi buffer overflow (CVE-2020-11984)\n* httpd: allow connecting via SSL to a backend worker when the backend keystore file\u0027s ID is \u0027unknown\u0027 (CVE-2020-25680)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:4384", "url": "https://access.redhat.com/errata/RHSA-2020:4384" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1710609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710609" }, { "category": "external", "summary": "1780995", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1780995" }, { "category": "external", "summary": "1866563", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866563" }, { "category": "external", "summary": "1866564", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866564" }, { "category": "external", "summary": "1892703", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1892703" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4384.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP5 security update", "tracking": { "current_release_date": "2024-11-05T22:53:15+00:00", "generator": { "date": "2024-11-05T22:53:15+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2020:4384", "initial_release_date": "2020-10-28T16:02:45+00:00", "revision_history": [ { "date": "2020-10-28T16:02:45+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-11-04T14:58:19+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T22:53:15+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Core Services on RHEL 7 Server", "product": { "name": "Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_core_services:1::el7" } } }, { "category": "product_name", "name": "Red Hat JBoss Core Services on RHEL 6 Server", "product": { "name": "Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_core_services:1::el6" } } } ], "category": "product_family", "name": "Red Hat JBoss Core Services" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-brotli@1.0.6-38.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-brotli-devel@1.0.6-38.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-brotli-debuginfo@1.0.6-38.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1c-32.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.1.1c-32.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.1.1c-32.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.1.1c-32.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.1.1c-32.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.1.1c-32.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-34.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.39.2-34.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.39.2-34.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-64.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.37-64.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.37-64.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.37-64.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.37-64.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.37-64.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.37-64.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.37-64.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.37-64.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.14-11.Final_redhat_2.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.14-11.Final_redhat_2.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-30.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.0.8-30.jbcs.el7?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-57.GA.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.2-57.GA.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.48-10.redhat_1.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.48-10.redhat_1.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.48-10.redhat_1.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-11.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.7-11.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-1.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil-debuginfo@1.0.0-1.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-104.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-devel@1.6.3-104.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo@1.6.3-104.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-75.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-75.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-75.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-75.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-75.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-75.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-75.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-75.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-75.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-75.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-44.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.64.1-44.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.64.1-44.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.64.1-44.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-jansson@2.11-53.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-jansson-devel@2.11-53.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "product": { "name": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "product_id": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-jansson-debuginfo@2.11-53.jbcs.el7?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-brotli@1.0.6-38.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-brotli-devel@1.0.6-38.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-brotli-debuginfo@1.0.6-38.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1c-32.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.1.1c-32.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.1.1c-32.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.1.1c-32.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.1.1c-32.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.1.1c-32.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-34.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.39.2-34.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.39.2-34.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-64.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.37-64.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.37-64.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.37-64.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.37-64.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.37-64.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.37-64.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.37-64.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.37-64.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.14-11.Final_redhat_2.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.14-11.Final_redhat_2.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-30.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.0.8-30.jbcs.el6?arch=x86_64\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.48-10.redhat_1.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.48-10.redhat_1.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.48-10.redhat_1.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-57.GA.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.2-57.GA.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-11.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.7-11.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-104.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-devel@1.6.3-104.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo@1.6.3-104.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-75.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-75.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-75.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-75.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-75.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-75.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-75.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-75.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-75.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-75.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-44.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.64.1-44.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.64.1-44.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.64.1-44.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-jansson@2.11-53.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-jansson-devel@2.11-53.jbcs.el6?arch=x86_64" } } }, { "category": "product_version", "name": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "product": { "name": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "product_id": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-jansson-debuginfo@2.11-53.jbcs.el6?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "product": { "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "product_id": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-brotli@1.0.6-38.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "product": { "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "product_id": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1c-32.jbcs.el7?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "product": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "product_id": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-34.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "product": { "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "product_id": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-64.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "product": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.14-11.Final_redhat_2.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "product": { "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "product_id": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-30.jbcs.el7?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "product": { "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "product_id": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-57.GA.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "product": { "name": "jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "product_id": "jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-10.redhat_1.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "product": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "product_id": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-11.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "product": { "name": "jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "product_id": "jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-chil@1.0.0-1.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "product": { "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "product_id": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-104.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "product": { "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "product_id": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-75.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "product": { "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "product_id": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-44.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "product": { "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "product_id": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-jansson@2.11-53.jbcs.el7?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "product": { "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "product_id": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-brotli@1.0.6-38.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "product": { "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "product_id": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1c-32.jbcs.el6?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "product": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "product_id": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-34.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "product": { "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "product_id": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-64.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "product": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.14-11.Final_redhat_2.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "product": { "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "product_id": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-30.jbcs.el6?arch=src\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "product": { "name": "jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "product_id": "jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk@1.2.48-10.redhat_1.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "product": { "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "product_id": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-57.GA.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "product": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "product_id": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-11.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "product": { "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "product_id": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-104.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "product": { "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "product_id": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-75.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "product": { "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "product_id": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-44.jbcs.el6?arch=src" } } }, { "category": "product_version", "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "product": { "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "product_id": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-jansson@2.11-53.jbcs.el6?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "product": { "name": "jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "product_id": "jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.37-64.jbcs.el7?arch=noarch" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "product": { "name": "jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "product_id": "jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-manual@2.4.37-64.jbcs.el6?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "product_id": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-brotli@1.0.6-38.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "product_id": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-brotli-devel@1.0.6-38.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "product_id": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-brotli-debuginfo@1.0.6-38.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl@1.1.1c-32.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-devel@1.1.1c-32.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-libs@1.1.1c-32.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-perl@1.1.1c-32.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-static@1.1.1c-32.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "product_id": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-openssl-debuginfo@1.1.1c-32.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "product_id": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2@1.39.2-34.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "product_id": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-devel@1.39.2-34.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "product_id": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-nghttp2-debuginfo@1.39.2-34.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "product_id": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd@2.4.37-64.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "product_id": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-devel@2.4.37-64.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "product_id": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-selinux@2.4.37-64.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "product_id": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-tools@2.4.37-64.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ldap@2.4.37-64.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_proxy_html@2.4.37-64.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_session@2.4.37-64.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_ssl@2.4.37-64.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "product_id": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-httpd-debuginfo@2.4.37-64.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native@1.3.14-11.Final_redhat_2.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_cluster-native-debuginfo@1.3.14-11.Final_redhat_2.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md@2.0.8-30.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_md-debuginfo@2.0.8-30.jbcs.el6?arch=i686\u0026epoch=1" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-ap24@1.2.48-10.redhat_1.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-manual@1.2.48-10.redhat_1.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_jk-debuginfo@1.2.48-10.redhat_1.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security@2.9.2-57.GA.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_security-debuginfo@2.9.2-57.GA.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2@1.15.7-11.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "product_id": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-mod_http2-debuginfo@1.15.7-11.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr@1.6.3-104.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-devel@1.6.3-104.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-debuginfo@1.6.3-104.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util@1.6.1-75.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-devel@1.6.1-75.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-ldap@1.6.1-75.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-mysql@1.6.1-75.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-nss@1.6.1-75.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-odbc@1.6.1-75.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-openssl@1.6.1-75.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-pgsql@1.6.1-75.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-sqlite@1.6.1-75.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "product_id": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-apr-util-debuginfo@1.6.1-75.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "product_id": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl@7.64.1-44.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "product_id": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl@7.64.1-44.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "product_id": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-libcurl-devel@7.64.1-44.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "product_id": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-curl-debuginfo@7.64.1-44.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "product_id": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-jansson@2.11-53.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "product_id": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-jansson-devel@2.11-53.jbcs.el6?arch=i686" } } }, { "category": "product_version", "name": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "product": { "name": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "product_id": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "product_identification_helper": { "purl": "pkg:rpm/redhat/jbcs-httpd24-jansson-debuginfo@2.11-53.jbcs.el6?arch=i686" } } } ], "category": "architecture", "name": "i686" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch" }, "product_reference": "jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src" }, "product_reference": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686" }, "product_reference": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64 as a component of Red Hat JBoss Core Services on RHEL 6 Server", "product_id": "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64" }, "product_reference": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "relates_to_product_reference": "6Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch" }, "product_reference": "jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src" }, "product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" }, { "category": "default_component_of", "full_product_name": { "name": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64 as a component of Red Hat JBoss Core Services on RHEL 7 Server", "product_id": "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" }, "product_reference": "jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64", "relates_to_product_reference": "7Server-JBCS" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-1551", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2019-12-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1780995" } ], "notes": [ { "category": "description", "text": "An integer overflow was found in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. As per upstream:\r\n\r\n* No EC algorithms are affected. \r\n\r\n* Attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. \r\n\r\n* Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway.\r\n\r\n* Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME", "title": "Vulnerability description" }, { "category": "summary", "text": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", "title": "Vulnerability summary" }, { "category": "other", "text": "Accelerated modular exponentiation for Intel processors (RSAZ) was introduced in openssl-1.0.2, therefore older versions of OpenSSL are not affected by this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-1551" }, { "category": "external", "summary": "RHBZ#1780995", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1780995" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-1551", "url": "https://www.cve.org/CVERecord?id=CVE-2019-1551" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-1551", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1551" }, { "category": "external", "summary": "https://github.com/openssl/openssl/pull/10575", "url": "https://github.com/openssl/openssl/pull/10575" }, { "category": "external", "summary": "https://www.openssl.org/news/secadv/20191206.txt", "url": "https://www.openssl.org/news/secadv/20191206.txt" } ], "release_date": "2019-12-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-28T16:02:45+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4384" }, { "category": "workaround", "details": "For Red Hat Enterprise Linux 7, 512 bit DH is already disabled. As this bug is about leakage of the private key to the attacker, it should be fully sufficient to just not use 1024 bit RSA keys or 1024 bit DSA keys. These keys are not secure enough anyway. 3-prime RSA keys are not supported on RHEL-7.\n\nFor Red Hat Enterprise 8, The DEFAULT crypto policy already disables all these key sizes.\n\nAlso applications compiled with openssl which use the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME, other users of this API are not affected by this flaw.", "product_ids": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64" }, { "acknowledgments": [ { "names": [ "the Curl project" ] }, { "names": [ "Wenchao Li" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2019-5435", "cwe": { "id": "CWE-131", "name": "Incorrect Calculation of Buffer Size" }, "discovery_date": "2019-05-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1710609" } ], "notes": [ { "category": "description", "text": "An integer overflow in curl\u0027s URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: Integer overflows in curl_url_set() function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-5435" }, { "category": "external", "summary": "RHBZ#1710609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-5435", "url": "https://www.cve.org/CVERecord?id=CVE-2019-5435" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-5435", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5435" } ], "release_date": "2019-05-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-28T16:02:45+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4384" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "curl: Integer overflows in curl_url_set() function" }, { "acknowledgments": [ { "names": [ "the Apache project" ] } ], "cve": "CVE-2020-11984", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-08-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1866563" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache httpd in versions 2.4.32 to 2.4.46. The uwsgi protocol does not serialize more than 16K of HTTP header leading to resource exhaustion and denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_proxy_uwsgi buffer overflow", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 5, 6, and 7 do not ship the vulnerable version of httpd and, thus, are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11984" }, { "category": "external", "summary": "RHBZ#1866563", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866563" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11984", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11984" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11984", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11984" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11984", "url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11984" } ], "release_date": "2020-08-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-28T16:02:45+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4384" }, { "category": "workaround", "details": "This flaw only affects specific httpd configurations which use the uwsgi protocol. It does not manifest itself when uwsgi protocol is not used. Commenting out \"LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so\" in /etc/httpd/conf.modules.d/00-proxy.conf will disable the loading of the vulnerable module.", "product_ids": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: mod_proxy_uwsgi buffer overflow" }, { "acknowledgments": [ { "names": [ "the Apache project" ] } ], "cve": "CVE-2020-11993", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-08-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1866564" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache httpd in versions 2.4.20 to 2.4.43. Logging using the wrong pool by mod_http2 at debug/trace log level may lead to potential crashes and denial of service. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_http2 concurrent pool usage", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 5, 6, and 7 do not ship the vulnerable version of httpd and, thus, are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11993" }, { "category": "external", "summary": "RHBZ#1866564", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866564" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11993", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11993" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11993", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11993" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11993", "url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11993" } ], "release_date": "2020-08-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-28T16:02:45+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4384" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: mod_http2 concurrent pool usage" }, { "acknowledgments": [ { "names": [ "Paul Lodge" ], "organization": "Red Hat", "summary": "This issue was discovered by Red Hat." } ], "cve": "CVE-2020-25680", "cwe": { "id": "CWE-295", "name": "Improper Certificate Validation" }, "discovery_date": "2020-10-29T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1892703" } ], "notes": [ { "category": "description", "text": "A flaw was found in JBCS httpd in version 2.4.37 SP3, where it uses a back-end worker SSL certificate with the keystore file\u0027s ID is \u0027unknown\u0027. The validation of the certificate whether CN and hostname are matching stopped working and allow connecting to the back-end work. The highest threat from this vulnerability is to data integrity.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: allow connecting via SSL to a backend worker when the backend keystore file\u0027s ID is \u0027unknown\u0027", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-25680" }, { "category": "external", "summary": "RHBZ#1892703", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1892703" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-25680", "url": "https://www.cve.org/CVERecord?id=CVE-2020-25680" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-25680", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-25680" } ], "release_date": "2020-10-29T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-28T16:02:45+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4384" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el6.noarch", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.src", "6Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el6.x86_64", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.i686", "6Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el6.x86_64", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-debuginfo-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-devel-0:1.6.3-104.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-apr-util-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-debuginfo-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-devel-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-ldap-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-mysql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-nss-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-odbc-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-openssl-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-pgsql-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-apr-util-sqlite-0:1.6.1-75.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-brotli-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-debuginfo-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-brotli-devel-0:1.0.6-38.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-curl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-curl-debuginfo-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-httpd-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-debuginfo-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-devel-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-manual-0:2.4.37-64.jbcs.el7.noarch", "7Server-JBCS:jbcs-httpd24-httpd-selinux-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-httpd-tools-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-jansson-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-debuginfo-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-jansson-devel-0:2.11-53.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-libcurl-devel-0:7.64.1-44.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_cluster-native-debuginfo-0:1.3.14-11.Final_redhat_2.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_http2-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_http2-debuginfo-0:1.15.7-11.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-0:1.2.48-10.redhat_1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_jk-ap24-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-debuginfo-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_jk-manual-0:1.2.48-10.redhat_1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ldap-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_md-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_md-debuginfo-1:2.0.8-30.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_proxy_html-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-mod_security-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_security-debuginfo-0:2.9.2-57.GA.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_session-0:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-mod_ssl-1:2.4.37-64.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-nghttp2-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-debuginfo-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-nghttp2-devel-0:1.39.2-34.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.src", "7Server-JBCS:jbcs-httpd24-openssl-chil-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-chil-debuginfo-0:1.0.0-1.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-debuginfo-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-devel-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-libs-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-perl-1:1.1.1c-32.jbcs.el7.x86_64", "7Server-JBCS:jbcs-httpd24-openssl-static-1:1.1.1c-32.jbcs.el7.x86_64" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "httpd: allow connecting via SSL to a backend worker when the backend keystore file\u0027s ID is \u0027unknown\u0027" } ] }
rhsa-2020_4383
Vulnerability from csaf_redhat
Published
2020-10-28 15:49
Modified
2024-11-05 22:53
Summary
Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP5 security update
Notes
Topic
Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 5 zip release for RHEL 6, RHEL 7, RHEL 8 and Microsoft Windows is available.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.
This release adds the new Apache HTTP Server 2.4.37 Service Pack 5 packages that are part of the JBoss Core Services offering.
This release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 4 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.
Security fix(es):
* curl: Integer overflows in curl_url_set() function (CVE-2019-5435)
* openssl: Integer overflow in RSAZ modular exponentiation on x86_64 (CVE-2019-1551)
* httpd: mod_http2 concurrent pool usage (CVE-2020-11993)
* httpd: mod_proxy_uswgi buffer overflow (CVE-2020-11984)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Moderate" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 5 zip release for RHEL 6, RHEL 7, RHEL 8 and Microsoft Windows is available.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience.\n\nThis release adds the new Apache HTTP Server 2.4.37 Service Pack 5 packages that are part of the JBoss Core Services offering.\n\nThis release serves as a replacement for Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 4 and includes bug fixes and enhancements. Refer to the Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity fix(es):\n\n* curl: Integer overflows in curl_url_set() function (CVE-2019-5435)\n* openssl: Integer overflow in RSAZ modular exponentiation on x86_64 (CVE-2019-1551)\n* httpd: mod_http2 concurrent pool usage (CVE-2020-11993)\n* httpd: mod_proxy_uswgi buffer overflow (CVE-2020-11984)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2020:4383", "url": "https://access.redhat.com/errata/RHSA-2020:4383" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#moderate", "url": "https://access.redhat.com/security/updates/classification/#moderate" }, { "category": "external", "summary": "1710609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710609" }, { "category": "external", "summary": "1780995", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1780995" }, { "category": "external", "summary": "1866563", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866563" }, { "category": "external", "summary": "1866564", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866564" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4383.json" } ], "title": "Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP5 security update", "tracking": { "current_release_date": "2024-11-05T22:53:00+00:00", "generator": { "date": "2024-11-05T22:53:00+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.1.1" } }, "id": "RHSA-2020:4383", "initial_release_date": "2020-10-28T15:49:25+00:00", "revision_history": [ { "date": "2020-10-28T15:49:25+00:00", "number": "1", "summary": "Initial version" }, { "date": "2020-10-28T15:49:25+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-05T22:53:00+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat JBoss Core Services 1", "product": { "name": "Red Hat JBoss Core Services 1", "product_id": "Red Hat JBoss Core Services 1", "product_identification_helper": { "cpe": "cpe:/a:redhat:jboss_core_services:1" } } } ], "category": "product_family", "name": "Red Hat JBoss Core Services" } ], "category": "vendor", "name": "Red Hat" } ] }, "vulnerabilities": [ { "cve": "CVE-2019-1551", "cwe": { "id": "CWE-190", "name": "Integer Overflow or Wraparound" }, "discovery_date": "2019-12-09T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1780995" } ], "notes": [ { "category": "description", "text": "An integer overflow was found in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. As per upstream:\r\n\r\n* No EC algorithms are affected. \r\n\r\n* Attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. \r\n\r\n* Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway.\r\n\r\n* Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME", "title": "Vulnerability description" }, { "category": "summary", "text": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64", "title": "Vulnerability summary" }, { "category": "other", "text": "Accelerated modular exponentiation for Intel processors (RSAZ) was introduced in openssl-1.0.2, therefore older versions of OpenSSL are not affected by this flaw.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-1551" }, { "category": "external", "summary": "RHBZ#1780995", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1780995" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-1551", "url": "https://www.cve.org/CVERecord?id=CVE-2019-1551" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-1551", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1551" }, { "category": "external", "summary": "https://github.com/openssl/openssl/pull/10575", "url": "https://github.com/openssl/openssl/pull/10575" }, { "category": "external", "summary": "https://www.openssl.org/news/secadv/20191206.txt", "url": "https://www.openssl.org/news/secadv/20191206.txt" } ], "release_date": "2019-12-06T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-28T15:49:25+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", "product_ids": [ "Red Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4383" }, { "category": "workaround", "details": "For Red Hat Enterprise Linux 7, 512 bit DH is already disabled. As this bug is about leakage of the private key to the attacker, it should be fully sufficient to just not use 1024 bit RSA keys or 1024 bit DSA keys. These keys are not secure enough anyway. 3-prime RSA keys are not supported on RHEL-7.\n\nFor Red Hat Enterprise 8, The DEFAULT crypto policy already disables all these key sizes.\n\nAlso applications compiled with openssl which use the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME, other users of this API are not affected by this flaw.", "product_ids": [ "Red Hat JBoss Core Services 1" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "openssl: Integer overflow in RSAZ modular exponentiation on x86_64" }, { "acknowledgments": [ { "names": [ "the Curl project" ] }, { "names": [ "Wenchao Li" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2019-5435", "cwe": { "id": "CWE-131", "name": "Incorrect Calculation of Buffer Size" }, "discovery_date": "2019-05-15T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1710609" } ], "notes": [ { "category": "description", "text": "An integer overflow in curl\u0027s URL API results in a buffer overflow in libcurl 7.62.0 to and including 7.64.1.", "title": "Vulnerability description" }, { "category": "summary", "text": "curl: Integer overflows in curl_url_set() function", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2019-5435" }, { "category": "external", "summary": "RHBZ#1710609", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1710609" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2019-5435", "url": "https://www.cve.org/CVERecord?id=CVE-2019-5435" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-5435", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-5435" } ], "release_date": "2019-05-22T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-28T15:49:25+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", "product_ids": [ "Red Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4383" } ], "scores": [ { "cvss_v3": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 3.7, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.0" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Low" } ], "title": "curl: Integer overflows in curl_url_set() function" }, { "acknowledgments": [ { "names": [ "the Apache project" ] } ], "cve": "CVE-2020-11984", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-08-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1866563" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache httpd in versions 2.4.32 to 2.4.46. The uwsgi protocol does not serialize more than 16K of HTTP header leading to resource exhaustion and denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_proxy_uwsgi buffer overflow", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 5, 6, and 7 do not ship the vulnerable version of httpd and, thus, are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11984" }, { "category": "external", "summary": "RHBZ#1866563", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866563" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11984", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11984" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11984", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11984" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11984", "url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11984" } ], "release_date": "2020-08-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-28T15:49:25+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", "product_ids": [ "Red Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4383" }, { "category": "workaround", "details": "This flaw only affects specific httpd configurations which use the uwsgi protocol. It does not manifest itself when uwsgi protocol is not used. Commenting out \"LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so\" in /etc/httpd/conf.modules.d/00-proxy.conf will disable the loading of the vulnerable module.", "product_ids": [ "Red Hat JBoss Core Services 1" ] } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: mod_proxy_uwsgi buffer overflow" }, { "acknowledgments": [ { "names": [ "the Apache project" ] } ], "cve": "CVE-2020-11993", "cwe": { "id": "CWE-400", "name": "Uncontrolled Resource Consumption" }, "discovery_date": "2020-08-05T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1866564" } ], "notes": [ { "category": "description", "text": "A flaw was found in Apache httpd in versions 2.4.20 to 2.4.43. Logging using the wrong pool by mod_http2 at debug/trace log level may lead to potential crashes and denial of service. The highest threat from this vulnerability is to system availability.", "title": "Vulnerability description" }, { "category": "summary", "text": "httpd: mod_http2 concurrent pool usage", "title": "Vulnerability summary" }, { "category": "other", "text": "Red Hat Enterprise Linux 5, 6, and 7 do not ship the vulnerable version of httpd and, thus, are not affected.", "title": "Statement" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "Red Hat JBoss Core Services 1" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2020-11993" }, { "category": "external", "summary": "RHBZ#1866564", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1866564" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2020-11993", "url": "https://www.cve.org/CVERecord?id=CVE-2020-11993" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11993", "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11993" }, { "category": "external", "summary": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11993", "url": "https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11993" } ], "release_date": "2020-08-07T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2020-10-28T15:49:25+00:00", "details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link for the update. You must be logged in to download the update.", "product_ids": [ "Red Hat JBoss Core Services 1" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2020:4383" } ], "scores": [ { "cvss_v3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "Red Hat JBoss Core Services 1" ] } ], "threats": [ { "category": "impact", "details": "Moderate" } ], "title": "httpd: mod_http2 concurrent pool usage" } ] }
ghsa-fcc6-m5v9-xcgq
Vulnerability from github
Published
2022-05-24 17:02
Modified
2024-04-04 02:42
Severity ?
Details
There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e-dev (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u-dev (Affected 1.0.2-1.0.2t).
{ "affected": [], "aliases": [ "CVE-2019-1551" ], "database_specific": { "cwe_ids": [ "CWE-190", "CWE-200" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2019-12-06T18:15:00Z", "severity": "MODERATE" }, "details": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e-dev (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u-dev (Affected 1.0.2-1.0.2t).", "id": "GHSA-fcc6-m5v9-xcgq", "modified": "2024-04-04T02:42:08Z", "published": "2022-05-24T17:02:47Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-1551" }, { "type": "WEB", "url": "https://www.tenable.com/security/tns-2021-10" }, { "type": "WEB", "url": "https://www.tenable.com/security/tns-2020-11" }, { "type": "WEB", "url": "https://www.tenable.com/security/tns-2020-03" }, { "type": "WEB", "url": "https://www.tenable.com/security/tns-2019-09" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "type": "WEB", "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "type": "WEB", "url": "https://www.openssl.org/news/secadv/20191206.txt" }, { "type": "WEB", "url": "https://www.debian.org/security/2021/dsa-4855" }, { "type": "WEB", "url": "https://www.debian.org/security/2019/dsa-4594" }, { "type": "WEB", "url": "https://usn.ubuntu.com/4504-1" }, { "type": "WEB", "url": "https://usn.ubuntu.com/4376-1" }, { "type": "WEB", "url": "https://security.netapp.com/advisory/ntap-20191210-0001" }, { "type": "WEB", "url": "https://security.gentoo.org/glsa/202004-10" }, { "type": "WEB", "url": "https://seclists.org/bugtraq/2019/Dec/46" }, { "type": "WEB", "url": "https://seclists.org/bugtraq/2019/Dec/39" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD" }, { "type": "WEB", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY" }, { "type": "WEB", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html" }, { "type": "WEB", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98" }, { "type": "WEB", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f" }, { "type": "WEB", "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=f1c5eea8a817075d31e43f5876993c6710238c98" }, { "type": "WEB", "url": "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=419102400a2811582a7a3d4a4e317d72e5ce0a8f" }, { "type": "WEB", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html" }, { "type": "WEB", "url": "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "type": "CVSS_V3" } ] }
gsd-2019-1551
Vulnerability from gsd
Modified
2023-12-13 01:23
Details
There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).
Aliases
Aliases
{ "GSD": { "alias": "CVE-2019-1551", "description": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", "id": "GSD-2019-1551", "references": [ "https://www.suse.com/security/cve/CVE-2019-1551.html", "https://www.debian.org/security/2021/dsa-4855", "https://www.debian.org/security/2019/dsa-4594", "https://access.redhat.com/errata/RHSA-2020:4514", "https://access.redhat.com/errata/RHSA-2020:4384", "https://access.redhat.com/errata/RHSA-2020:4383", "https://ubuntu.com/security/CVE-2019-1551", "https://advisories.mageia.org/CVE-2019-1551.html", "https://linux.oracle.com/cve/CVE-2019-1551.html" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2019-1551" ], "details": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t).", "id": "GSD-2019-1551", "modified": "2023-12-13T01:23:51.557638Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "openssl-security@openssl.org", "DATE_PUBLIC": "2019-12-06", "ID": "CVE-2019-1551", "STATE": "PUBLIC", "TITLE": "rsaz_512_sqr overflow bug on x86_64" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "OpenSSL", "version": { "version_data": [ { "version_value": "Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d)" }, { "version_value": "Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t)" } ] } } ] }, "vendor_name": "OpenSSL" } ] } }, "credit": [ { "lang": "eng", "value": "OSS-Fuzz and Guido Vranken" } ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t)." } ] }, "impact": [ { "lang": "eng", "url": "https://www.openssl.org/policies/secpolicy.html#Low", "value": "Low" } ], "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Integer overflow bug" } ] } ] }, "references": { "reference_data": [ { "name": "20191225 [slackware-security] openssl (SSA:2019-354-01)", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Dec/39" }, { "name": "DSA-4594", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2019/dsa-4594" }, { "name": "20191229 [SECURITY] [DSA 4594-1] openssl1.0 security update", "refsource": "BUGTRAQ", "url": "https://seclists.org/bugtraq/2019/Dec/46" }, { "name": "openSUSE-SU-2020:0062", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html" }, { "name": "GLSA-202004-10", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/202004-10" }, { "name": "FEDORA-2020-fcc91a28e8", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO/" }, { "name": "FEDORA-2020-da2d1ef2d7", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY/" }, { "name": "FEDORA-2020-d7b29838f6", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD/" }, { "name": "USN-4376-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4376-1/" }, { "name": "https://www.oracle.com/security-alerts/cpujul2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "name": "https://www.tenable.com/security/tns-2019-09", "refsource": "CONFIRM", "url": "https://www.tenable.com/security/tns-2019-09" }, { "name": "https://www.openssl.org/news/secadv/20191206.txt", "refsource": "CONFIRM", "url": "https://www.openssl.org/news/secadv/20191206.txt" }, { "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f", "refsource": "CONFIRM", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f" }, { "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98", "refsource": "CONFIRM", "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98" }, { "name": "https://security.netapp.com/advisory/ntap-20191210-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20191210-0001/" }, { "name": "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html" }, { "name": "https://www.tenable.com/security/tns-2020-03", "refsource": "CONFIRM", "url": "https://www.tenable.com/security/tns-2020-03" }, { "name": "USN-4504-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4504-1/" }, { "name": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "name": "https://www.tenable.com/security/tns-2020-11", "refsource": "CONFIRM", "url": "https://www.tenable.com/security/tns-2020-11" }, { "name": "DSA-4855", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2021/dsa-4855" }, { "name": "https://www.oracle.com/security-alerts/cpuApr2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "name": "https://www.tenable.com/security/tns-2021-10", "refsource": "CONFIRM", "url": "https://www.tenable.com/security/tns-2021-10" }, { "name": "[debian-lts-announce] 20220317 [SECURITY] [DLA 2952-1] openssl security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "1.0.2t", "versionStartIncluding": "1.0.2", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "1.1.1d", "versionStartIncluding": "1.1.1", "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "4.0.12", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "8.0.20", "versionStartIncluding": "8.0.0", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.58:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:tenable:log_correlation_engine:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndExcluding": "6.0.9", "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "openssl-security@openssl.org", "ID": "CVE-2019-1551" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME. Fixed in OpenSSL 1.1.1e (Affected 1.1.1-1.1.1d). Fixed in OpenSSL 1.0.2u (Affected 1.0.2-1.0.2t)." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-190" } ] } ] }, "references": { "reference_data": [ { "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f", "refsource": "CONFIRM", "tags": [ "Mailing List", "Patch", "Third Party Advisory", "Vendor Advisory" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f" }, { "name": "https://www.openssl.org/news/secadv/20191206.txt", "refsource": "CONFIRM", "tags": [ "Vendor Advisory" ], "url": "https://www.openssl.org/news/secadv/20191206.txt" }, { "name": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98", "refsource": "CONFIRM", "tags": [ "Mailing List", "Patch", "Vendor Advisory" ], "url": "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98" }, { "name": "https://security.netapp.com/advisory/ntap-20191210-0001/", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://security.netapp.com/advisory/ntap-20191210-0001/" }, { "name": "20191225 [slackware-security] openssl (SSA:2019-354-01)", "refsource": "BUGTRAQ", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://seclists.org/bugtraq/2019/Dec/39" }, { "name": "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html", "refsource": "MISC", "tags": [ "Third Party Advisory", "VDB Entry" ], "url": "http://packetstormsecurity.com/files/155754/Slackware-Security-Advisory-openssl-Updates.html" }, { "name": "DSA-4594", "refsource": "DEBIAN", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2019/dsa-4594" }, { "name": "20191229 [SECURITY] [DSA 4594-1] openssl1.0 security update", "refsource": "BUGTRAQ", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://seclists.org/bugtraq/2019/Dec/46" }, { "name": "https://www.tenable.com/security/tns-2019-09", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://www.tenable.com/security/tns-2019-09" }, { "name": "openSUSE-SU-2020:0062", "refsource": "SUSE", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00030.html" }, { "name": "GLSA-202004-10", "refsource": "GENTOO", "tags": [ "Third Party Advisory" ], "url": "https://security.gentoo.org/glsa/202004-10" }, { "name": "FEDORA-2020-fcc91a28e8", "refsource": "FEDORA", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XVEP3LAK4JSPRXFO4QF4GG2IVXADV3SO/" }, { "name": "https://www.tenable.com/security/tns-2020-03", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://www.tenable.com/security/tns-2020-03" }, { "name": "FEDORA-2020-da2d1ef2d7", "refsource": "FEDORA", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDHOAATPWJCXRNFMJ2SASDBBNU5RJONY/" }, { "name": "FEDORA-2020-d7b29838f6", "refsource": "FEDORA", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EXDDAOWSAIEFQNBHWYE6PPYFV4QXGMCD/" }, { "name": "USN-4376-1", "refsource": "UBUNTU", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4376-1/" }, { "name": "https://www.oracle.com/security-alerts/cpujul2020.html", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpujul2020.html" }, { "name": "USN-4504-1", "refsource": "UBUNTU", "tags": [ "Third Party Advisory" ], "url": "https://usn.ubuntu.com/4504-1/" }, { "name": "https://www.tenable.com/security/tns-2020-11", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://www.tenable.com/security/tns-2020-11" }, { "name": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpujan2021.html" }, { "name": "DSA-4855", "refsource": "DEBIAN", "tags": [ "Third Party Advisory" ], "url": "https://www.debian.org/security/2021/dsa-4855" }, { "name": "https://www.tenable.com/security/tns-2021-10", "refsource": "CONFIRM", "tags": [ "Third Party Advisory" ], "url": "https://www.tenable.com/security/tns-2021-10" }, { "name": "https://www.oracle.com/security-alerts/cpuApr2021.html", "refsource": "MISC", "tags": [ "Patch", "Third Party Advisory" ], "url": "https://www.oracle.com/security-alerts/cpuApr2021.html" }, { "name": "[debian-lts-announce] 20220317 [SECURITY] [DLA 2952-1] openssl security update", "refsource": "MLIST", "tags": [ "Mailing List", "Third Party Advisory" ], "url": "https://lists.debian.org/debian-lts-announce/2022/03/msg00023.html" } ] } }, "impact": { "baseMetricV2": { "acInsufInfo": false, "cvssV2": { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "exploitabilityScore": 3.9, "impactScore": 1.4 } }, "lastModifiedDate": "2022-04-19T15:36Z", "publishedDate": "2019-12-06T18:15Z" } } }
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.