Synopsis: Moderate: httpd security update
Advisory ID: SLSA-2015:1668-1
Issue Date: 2015-08-24
CVE Numbers: CVE-2015-3183
--
Multiple flaws were found in the way httpd parsed HTTP requests and
responses using chunked transfer encoding. A remote attacker could use
these flaws to create a specially crafted request, which httpd would
decode differently from an HTTP proxy software in front of it, possibly
leading to HTTP request smuggling attacks. (CVE-2015-3183)
After installing the updated packages, the httpd service will be restarted
automatically.
--
SL6
x86_64
httpd-2.2.15-47.sl6.x86_64.rpm
httpd-debuginfo-2.2.15-47.sl6.x86_64.rpm
httpd-tools-2.2.15-47.sl6.x86_64.rpm
httpd-debuginfo-2.2.15-47.sl6.i686.rpm
httpd-devel-2.2.15-47.sl6.i686.rpm
httpd-devel-2.2.15-47.sl6.x86_64.rpm
mod_ssl-2.2.15-47.sl6.x86_64.rpm
i386
httpd-2.2.15-47.sl6.i686.rpm
httpd-debuginfo-2.2.15-47.sl6.i686.rpm
httpd-tools-2.2.15-47.sl6.i686.rpm
httpd-devel-2.2.15-47.sl6.i686.rpm
mod_ssl-2.2.15-47.sl6.i686.rpm
noarch
httpd-manual-2.2.15-47.sl6.noarch.rpm
- Scientific Linux Development Team
