LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

SCIENTIFIC-LINUX-ERRATA Archives

March 2010

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-ERRATA Home
	SCIENTIFIC-LINUX-ERRATA March 2010

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Security ERRATA Moderate: httpd on SL5.x i386/x86_64
From:	Troy Dawson <[log in to unmask]>
Reply To:	Troy Dawson <[log in to unmask]>
Date:	Thu, 25 Mar 2010 11:12:26 -0500
Content-Type:	text/plain
Parts/Attachments:	text/plain (56 lines)

Synopsis:	Moderate: httpd security and enhancement update
Issue date:	2010-03-25
CVE Names:	CVE-2010-0408 CVE-2010-0434

CVE-2010-0408 httpd: mod_proxy_ajp remote temporary DoS
CVE-2010-0434 httpd: request header information leak

It was discovered that mod_proxy_ajp incorrectly returned an "Internal
Server Error" response when processing certain malformed requests, which
caused the back-end server to be marked as failed in configurations 
where mod_proxy is used in load balancer mode. A remote attacker could 
cause mod_proxy to not send requests to back-end AJP (Apache JServ 
Protocol) servers for the retry timeout period (60 seconds by default) 
by sending specially-crafted requests. (CVE-2010-0408)

A use-after-free flaw was discovered in the way the Apache HTTP Server
handled request headers in subrequests. In configurations where 
subrequests are used, a multithreaded MPM (Multi-Processing Module) 
could possibly leak information from other requests in request replies. 
(CVE-2010-0434)

This update also adds the following enhancement:

* with the updated openssl packages from RHSA-2010:0162 installed, 
mod_ssl will refuse to renegotiate a TLS/SSL connection with an 
unpatched client that does not support RFC 5746. This update adds the
"SSLInsecureRenegotiation" configuration directive. If this directive is
enabled, mod_ssl will renegotiate insecurely with unpatched clients.
(BZ#567980)

Refer to the following Red Hat Knowledgebase article for more details 
about the changed mod_ssl behavior: 
http://kbase.redhat.com/faq/docs/DOC-20491

After installing the updated packages, the httpd daemon must be 
restarted for the update to take effect.

SL 5.x

     SRPMS:
httpd-2.2.3-31.el5_4.4.src.rpm
     i386:
httpd-2.2.3-31.sl5.4.i386.rpm
httpd-devel-2.2.3-31.sl5.4.i386.rpm
httpd-manual-2.2.3-31.sl5.4.i386.rpm
mod_ssl-2.2.3-31.sl5.4.i386.rpm
     x86_64:
httpd-2.2.3-31.sl5.4.x86_64.rpm
httpd-devel-2.2.3-31.sl5.4.i386.rpm
httpd-devel-2.2.3-31.sl5.4.x86_64.rpm
httpd-manual-2.2.3-31.sl5.4.x86_64.rpm
mod_ssl-2.2.3-31.sl5.4.x86_64.rpm

-Connie Sieh
-Troy Dawson

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV