Red Hat 9037 Published by

A new update is available for Red Hat Enterprise Linux. Here the announcement:



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Moderate: httpd security update
Advisory ID: RHSA-2007:0911-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0911.html
Issue date: 2007-10-25
Updated on: 2007-10-25
Product: Red Hat Application Stack
CVE Names: CVE-2007-3847 CVE-2007-4465
- ---------------------------------------------------------------------

1. Summary:

Updated httpd packages that fix two security issues are now available for
Red Hat Application Stack.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - i386, x86_64
Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - i386, x86_64
Red Hat Application Stack v2 for Enterprise Linux (v.5) - i386, x86_64

3. Problem description:

The Apache HTTP Server is a popular and freely-available Web server.

A flaw was found in the Apache HTTP Server mod_proxy module. On sites where
a reverse proxy is configured, a remote attacker could send a carefully
crafted request that would cause the Apache child process handling that
request to crash. On sites where a forward proxy is configured, an attacker
could cause a similar crash if a user could be persuaded to visit a
malicious site using the proxy. This could lead to a denial of service if
using a threaded Multi-Processing Module. (CVE-2007-3847)

A flaw was found in the mod_autoindex module. On sites where directory
listings are used, and the AddDefaultCharset directive has been removed
from the configuration, a cross-site-scripting attack may be possible
against browsers which do not correctly derive the response character set
following the rules in RFC 2616. (CVE-2007-4465)

Users of httpd should upgrade to these updated packages which contain
backported patches to correct these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

250731 - CVE-2007-3847 httpd out of bounds read
289511 - CVE-2007-4465 mod_autoindex XSS

6. RPMs required:

Red Hat Application Stack v1 for Enterprise Linux AS (v.4):

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/RHWAS/SRPMS/httpd-2.0.59-1.el4s1.8.src.rpm
b22d942398339ba1cc053714f1245559 httpd-2.0.59-1.el4s1.8.src.rpm

i386:
23b907a015f7b4968a0f2ebe68ddb9bb httpd-2.0.59-1.el4s1.8.i386.rpm
dfe9025cfcb1e3f5ee617481267281ac httpd-debuginfo-2.0.59-1.el4s1.8.i386.rpm
d29093f7086e36831697065af1ace33b httpd-devel-2.0.59-1.el4s1.8.i386.rpm
d7e801938aa2ade0ec8b6de4e38a4191 httpd-manual-2.0.59-1.el4s1.8.i386.rpm
2364d43a57752986156c38a2b2cf1a4d mod_ssl-2.0.59-1.el4s1.8.i386.rpm

x86_64:
2692e4c6b432a195b05fabf7c479af69 httpd-2.0.59-1.el4s1.8.x86_64.rpm
2e57ee08b75d10fa8a560658b57504b5 httpd-debuginfo-2.0.59-1.el4s1.8.x86_64.rpm
8f71efc4adbb9d16a8d6575097d54ef1 httpd-devel-2.0.59-1.el4s1.8.x86_64.rpm
e5f1af974d7203f476c6592f02f9a640 httpd-manual-2.0.59-1.el4s1.8.x86_64.rpm
e99210762a5307b09fff744537ffe14d mod_ssl-2.0.59-1.el4s1.8.x86_64.rpm

Red Hat Application Stack v1 for Enterprise Linux ES (v.4):

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/RHWAS/SRPMS/httpd-2.0.59-1.el4s1.8.src.rpm
b22d942398339ba1cc053714f1245559 httpd-2.0.59-1.el4s1.8.src.rpm

i386:
23b907a015f7b4968a0f2ebe68ddb9bb httpd-2.0.59-1.el4s1.8.i386.rpm
dfe9025cfcb1e3f5ee617481267281ac httpd-debuginfo-2.0.59-1.el4s1.8.i386.rpm
d29093f7086e36831697065af1ace33b httpd-devel-2.0.59-1.el4s1.8.i386.rpm
d7e801938aa2ade0ec8b6de4e38a4191 httpd-manual-2.0.59-1.el4s1.8.i386.rpm
2364d43a57752986156c38a2b2cf1a4d mod_ssl-2.0.59-1.el4s1.8.i386.rpm

x86_64:
2692e4c6b432a195b05fabf7c479af69 httpd-2.0.59-1.el4s1.8.x86_64.rpm
2e57ee08b75d10fa8a560658b57504b5 httpd-debuginfo-2.0.59-1.el4s1.8.x86_64.rpm
8f71efc4adbb9d16a8d6575097d54ef1 httpd-devel-2.0.59-1.el4s1.8.x86_64.rpm
e5f1af974d7203f476c6592f02f9a640 httpd-manual-2.0.59-1.el4s1.8.x86_64.rpm
e99210762a5307b09fff744537ffe14d mod_ssl-2.0.59-1.el4s1.8.x86_64.rpm

Red Hat Application Stack v2 for Enterprise Linux (v.5) :

SRPMS:
ftp://updates.redhat.com/enterprise//en/RHWAS/SRPMS/httpd-2.2.4-7.el5s2.src.rpm
5b24a23198e69394837c1bffc9a092bd httpd-2.2.4-7.el5s2.src.rpm

i386:
e24b96db9a4fa7e549685674cf7712fe httpd-2.2.4-7.el5s2.i386.rpm
a865d1e5d2c8c3ddfc231559d1f29f59 httpd-debuginfo-2.2.4-7.el5s2.i386.rpm
5f28a8daf0d46d53f4d32fe9e4203da9 httpd-devel-2.2.4-7.el5s2.i386.rpm
5d5a7bb9acc85554a9fc43a3fe91a97d httpd-manual-2.2.4-7.el5s2.i386.rpm
a90655c1d69d20a46b81f3ee491a6b36 mod_ssl-2.2.4-7.el5s2.i386.rpm

x86_64:
7702abea501f3817ebf45787656acfd9 httpd-2.2.4-7.el5s2.x86_64.rpm
a865d1e5d2c8c3ddfc231559d1f29f59 httpd-debuginfo-2.2.4-7.el5s2.i386.rpm
1947e49d5aa632c97b17c5ab7e7239b7 httpd-debuginfo-2.2.4-7.el5s2.x86_64.rpm
5f28a8daf0d46d53f4d32fe9e4203da9 httpd-devel-2.2.4-7.el5s2.i386.rpm
bb87b357ca2f0f85dfa2d10fafc80f24 httpd-devel-2.2.4-7.el5s2.x86_64.rpm
2f8bdb1f247c766e46070718e2332144 httpd-manual-2.2.4-7.el5s2.x86_64.rpm
3bde4cb28d3a52c34083fea4225870c1 mod_ssl-2.2.4-7.el5s2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3847
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4465
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFHINRzXlSAg2UNWIIRAmkLAJ9JAw3taJqLWbeyUK+JvxowioMC9wCgs9er
Fwh/M5uT9vhYn304aedQnd4=
=Ppdm
-----END PGP SIGNATURE-----